Lucene search
GoogleOSV:CVE-2020-26225HistoryNov 16, 2020 - 10:15 p.m.
CVE-2020-26225
2020-11-1622:15:12
Google
osv.dev
1
In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users’ web browsers by creating a malicious link. The problem was introduced in version 4.0.0 and is fixed in 4.2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| productcomments | eq | 3.6.1 | |
| productcomments | eq | 4.0.0 | |
| productcomments | eq | 3.6.0 |
Related
github
github
Reflected XSS with parameters in PostComment
2020-11-16 21:23:29
veracode
veracode
Cross-Site Scripting (XSS)
2020-11-17 05:16:58
Cross-site Scripting (XSS)
2020-11-18 05:30:21
prion
prion
Design/Logic Flaw
2020-11-16 22:15:00
osv
osv
Reflected XSS with parameters in PostComment
2020-11-16 21:23:29
nvd
nvd
CVE-2020-26225
2020-11-16 22:15:12
cve
cve
CVE-2020-26225
2020-11-16 22:15:12
cvelist
cvelist
CVE-2020-26225 Reflected XSS in PrestaShop Product Comments
2020-11-16 21:35:13