PT-2023-23367 · Unknown · Prestashop

Name of the Vulnerable Software and Affected Versions: PrestaShop version 1.7.7.4 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message parameter in "/contactform/contactform.php". Recommendations: F...