Lucene search
GoogleOSV:GHSA-95HX-62RH-GG96HistorySep 15, 2020 - 5:34 p.m.
Potential XSS injection In PrestaShop contactform
2020-09-1517:34:17
Google
osv.dev
4
xss injection
prestashop
contact form
security patch
EPSS
0.002
Percentile
61.0%
Impact
An attacker is able to inject javascript while using the contact form.
Patches
The problem is fixed in v4.3.0
References
References
github.com/PrestaShop/contactform
github.com/PrestaShop/contactform/commit/a1da814bea7e5750b858a2dbbc58ace80379f42f
github.com/PrestaShop/contactform/commit/ecd9f5d14920ec00885766a7cb41bcc5ed8bfa09
github.com/PrestaShop/contactform/security/advisories/GHSA-95hx-62rh-gg96
nvd.nist.gov/vuln/detail/CVE-2020-15178
packagist.org/packages/prestashop/contactform
Related
osv
osv
CVE-2020-15178
2020-09-15 18:15:13
prion
prion
Input validation
2020-09-15 18:15:00
github
github
Potential XSS injection In PrestaShop contactform
2020-09-15 17:34:17
cvelist
cvelist
CVE-2020-15178 Potential XSS in PrestaShop contactform
2020-09-15 17:50:13
veracode
veracode
Cross-Site Scripting (XSS)
2020-09-16 05:17:42
nvd
nvd
CVE-2020-15178
2020-09-15 18:15:13
CVE-2023-31508
2023-05-11 22:15:11
cve
cve
CVE-2020-15178
2020-09-15 18:15:13
CVE-2023-31508
2023-05-11 22:15:11