An attacker could inject malicious web code into the users’ web browsers by creating a malicious link.
The problem is fixed in 4.2.0
CPE | Name | Operator | Version |
---|---|---|---|
prestashop/productcomments | eq | 4.0.1 | |
prestashop/productcomments | eq | 4.1.0 | |
prestashop/productcomments | eq | 4.0.0 |