In PrestaShop before version 1.7.6.5, there is a reflected XSS while running the security compromised page. It allows anyone to execute arbitrary action. The problem is patched in the 1.7.6.5.
CPE | Name | Operator | Version |
---|---|---|---|
prestashop | gt | 1.7.0.0 | |
prestashop | lt | 1.7.6.5 |