Количество 2
Количество 2
CVE-2020-15178
In PrestaShop contactform module (prestashop/contactform) before version 4.3.0, an attacker is able to inject JavaScript while using the contact form. The `message` field was incorrectly unescaped, possibly allowing attackers to execute arbitrary JavaScript in a victim's browser.
GHSA-95hx-62rh-gg96
Potential XSS injection In PrestaShop contactform
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-15178 In PrestaShop contactform module (prestashop/contactform) before version 4.3.0, an attacker is able to inject JavaScript while using the contact form. The `message` field was incorrectly unescaped, possibly allowing attackers to execute arbitrary JavaScript in a victim's browser. | CVSS3: 8 | 1% Низкий | больше 5 лет назад |
| GHSA-95hx-62rh-gg96 Potential XSS injection In PrestaShop contactform | CVSS3: 8 | 1% Низкий | больше 5 лет назад |
Уязвимостей на страницу