3 matches found
CVE-2020-15161
In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8...
CVE-2020-15161 Potential XSS in PrestaShop
In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8...
CVE-2020-15161
Summary: CVE-2020-15161 affects PrestaShop. Versions 1.6.0.4 and earlier than 1.7.6.8 allow an attacker to inject JavaScript via the contact form, due to improper handling of externally entered data during code snippet construction. The issue is addressed in version 1.7.6.8. Impact & context (per...