3 matches found
Exploit for CVE-2024-22890
CVE List CVE-2024-22890: My e-Diary App - Cross-Site-Script...
Design/Logic Flaw
This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator's cookie. The issue is fixed in version 5.0.2...
CVE-2022-35933
PrestaShop Product Comments module (for PrestaShop) is affected by a cross-site scripting vulnerability prior to 5.0.2 that can allow an attacker to steal an administrator’s cookie. The root cause is insufficient filtering/escaping of user-supplied data, enabling cookie theft via crafted input. R...