Описание
PrestaShop Stored Cross-Site Scripting Vulnerability
PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.
Пакеты
Наименование
prestashop/prestashop
composer
Затронутые версииВерсия исправления
< 1.4.11
1.4.11
Связанные уязвимости
CVSS3: 5.4
nvd
почти 6 лет назад
PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.