prestashop/ps_linklist is vulnerable to cross-site scripting. The vulnerability exists because the custom URLs are not validated in ‘buildForm’ function in ‘CustomUrlType.php’ allowing a malicious attacker to inject arbitrary scripts.
CPE | Name | Operator | Version |
---|---|---|---|
prestashop/ps_linklist | le | v3.0.4 | |
prestashop/ps_linklist | le | v3.0.4 |