Vulnerabilities

CVE-2020-15162

by Fred · 24/09/2020

In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS payload. The problem is fixed in version 1.7.6.8.

Date published : 2020-09-24

https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-rc8c-v7rq-q392

https://github.com/PrestaShop/PrestaShop/commit/2cfcd33c75974a49f17665f294f228454e14d9cf

Similar

Tags: Cybersecurity Alert