Lucene search
+L

4 matches found

NVD
NVD
added 2023/05/11 10:15 p.m.22 views

CVE-2023-31508

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2020-15178. Reason: This record is a duplicate of CVE-2020-15178. Notes: All CVE users should reference CVE-2020-15178 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage...

8.6AI score
Exploits0
Cvelist
Cvelist
added 2020/09/15 5:50 p.m.29 views

CVE-2020-15178 Potential XSS in PrestaShop contactform

In PrestaShop contactform module prestashop/contactform before version 4.3.0, an attacker is able to inject JavaScript while using the contact form. The message field was incorrectly unescaped, possibly allowing attackers to execute arbitrary JavaScript in a victim's browser...

8CVSS9.4AI score0.01223EPSS
Exploits0References3
CVE
CVE
added 2020/09/15 5:50 p.m.66 views

CVE-2020-15178

CVE-2020-15178 affects the PrestaShop contactform module (prestashop/contactform) prior to version 4.3.0. The vulnerability arises from incorrect unescaping of the message field in the contact form, enabling an attacker to inject and execute arbitrary JavaScript in a victim’s browser (XSS). Multi...

9.3CVSS8.7AI score0.01223EPSS
Exploits0References3Affected Software1
CVE
CVE
added 1976/01/01 12:0 a.m.51 views

CVE-2023-31508

This CVE (CVE-2023-31508) is a duplicate of CVE-2020-15178 for the PrestaShop contactform module. Affected: prestashop/contactform before version 4.3.0. Root cause: the message field was not properly escaped, enabling injection of JavaScript into a victim’s browser via the contact form. Impact: a...

7.5AI score
Exploits0
Rows per page
Query Builder