Описание
PrestaShop Cross-site Scripting vulnerability
In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation script/component is affected by Reflected XSS. Exploitation by a malicious actor requires the user to follow the initial stages of the setup (accepting terms and conditions) before executing the malicious link.
Пакеты
Наименование
prestashop/prestashop
composer
Затронутые версииВерсия исправления
= 1.7.5.2
1.7.6.0
Связанные уязвимости
CVSS3: 6.1
nvd
около 6 лет назад
In PrestaShop 1.7.5.2, the shop_country parameter in the install/index.php installation script/component is affected by Reflected XSS. Exploitation by a malicious actor requires the user to follow the initial stages of the setup (accepting terms and conditions) before executing the malicious link.