3 matches found
CVE-2025-1230
Stored Cross-Site Scripting XSS vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through ‘//index.php’, affecting the ‘link’ parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cook...
CVE-2025-1230 Cross-Site Scripting (XSS) vulnerability in Prestashop
Stored Cross-Site Scripting XSS vulnerability in Prestashop 8.1.7, due to the lack of proper validation of user input through ‘//index.php’, affecting the ‘link’ parameter. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their cook...
CVE-2025-1230
CVE-2025-1230 : A Stored XSS in Prestashop 8.1.7 allows an attacker to abuse insufficient validation of the link parameter sent to the admin index.php. The root cause is lack of proper input validation, enabling a crafted query to an authenticated user that could lead to cookie session leakage. D...