Unrated severityNVD Advisory· Published Apr 20, 2020· Updated Aug 4, 2024
Reflected XSS with dashboard calendar of PrestaShop
CVE-2020-5271
Description
In PrestaShop between versions 1.6.0.0 and 1.7.6.5, there is a reflected XSS with date_from and date_to parameters in the dashboard page This problem is fixed in 1.7.6.5
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2>=1.6.0.0, <=1.7.6.5+ 1 more
- (no CPE)range: >=1.6.0.0, <=1.7.6.5
- (no CPE)range: >= 1.6.0.0, < 1.7.6.5
Patches
Vulnerability mechanics
References
2- github.com/PrestaShop/PrestaShop/commit/c464518d2aaf195007a1eb055fce64a9a027e00amitrex_refsource_MISC
- github.com/PrestaShop/PrestaShop/security/advisories/GHSA-m2x6-c2c6-pjrxmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.