Lucene search

CVE-2020-15162

🗓️ 24 Sep 2020 23:13:15Reported by GitHub_MType

PrestaShop version 1.5.0.0 to 1.7.6.8 allows XSS via compromised file attachment

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2020-15162 Stored XSS in PrestaShop	24 Sep 202022:15	–	cvelist
OSV	CVE-2020-15162	24 Sep 202023:15	–	osv
NVD	CVE-2020-15162	24 Sep 202023:15	–	nvd
Prion	Cross site scripting	24 Sep 202023:15	–	prion
OpenVAS	PrestaShop 1.5.0.0 < 1.7.6.8 XSS Vulnerability	29 Sep 202000:00	–	openvas

Nvd

Vulners

Node

prestashop prestashopRange1.5.0.0–1.7.6.8

[
  {
    "product": "PrestaShop",
    "vendor": "PrestaShop",
    "versions": [
      {
        "status": "affected",
        "version": "> 1.5.0.0, < 1.7.6.8"
      }
    ]
  }
]

Source	Link
github	www.github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8
github	www.github.com/PrestaShop/PrestaShop/security/advisories/GHSA-rc8c-v7rq-q392
github	www.github.com/PrestaShop/PrestaShop/commit/2cfcd33c75974a49f17665f294f228454e14d9cf

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Sep 2020 23:15Current

5.2Medium risk

Vulners AI Score5.2

CVSS23.5

CVSS35.4

EPSS0.00086

CWE-79