Cross site scripting

2014-04-0715:55:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in redirect.php in the Socolissimo module (modules/socolissimo/) in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to “parameter names and values.”

CPENameOperatorVersion
prestashopeq1.4.0.6
prestashopeq1.4.0.10
prestashopeq1.4.1.0
prestashopeq1.4.0.16
prestashopeq1.4.0.3
prestashopeq1.4.4.1
prestashopeq1.4.0.7
prestashople1.4.7.1
prestashopeq1.4.3.0
prestashopeq1.4.0.13

Name	Operator	Version
prestashop	eq	1.4.0.6
prestashop	eq	1.4.0.10
prestashop	eq	1.4.1.0
prestashop	eq	1.4.0.16
prestashop	eq	1.4.0.3
prestashop	eq	1.4.4.1
prestashop	eq	1.4.0.7
prestashop	le	1.4.7.1
prestashop	eq	1.4.3.0
prestashop	eq	1.4.0.13

Rows per page:

1-10 of 281

References

secunia.com/advisories/48036

www.prestashop.com/de/entwickler-versionen/changelog/1.4.7.2

www.securityfocus.com/bid/52962

exchange.xforce.ibmcloud.com/vulnerabilities/74773