Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-15162 - Vulnerability Database
PrestaShop

PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2020-15162

Medium
Reference: CVE-2020-15162
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-15162
Title: PrestaShop Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

In PrestaShop from version 1.5.0.0 and before version 1.7.6.8 users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS payload. The problem is fixed in version 1.7.6.8.