CVE-2019-11876
In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation script/component is affected by Reflected XSS. Exploitation by a malicious actor requires the user to follow the initial stages of the setup (accepting terms and conditions) before executing the malicious link.
Date published : 2019-05-24
(XSS) Vulnerabilities found – Choose your test scope correctly
https://www.prestashop.com/forums/forum/2-prestashop-news-and-releases/