Headline

GHSA-prrh-qvhf-x788: Cross-site Scripting in prestashop/productcomments

Impact

An attacker could steal an admin’s cookie

Patches

The issue is fixed in 5.0.2

References

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

2 years ago

ghsa

Open in Source

#xss #web #git

Cross-site Scripting in prestashop/productcomments

Moderate severity GitHub Reviewed Published Aug 31, 2022 in PrestaShop/productcomments • Updated Aug 31, 2022

This package is a PrestaShop module that allows users to post reviews and rate products. There is a vulnerability where the attacker could steal an administrator's cookie. The issue is fixed in version 5.0.2.

2 years ago

CVE

Open in Source

#xss #vulnerability #web

ghsa: Latest News

GHSA-pf5v-pqfv-x8jj: OpenCanary Executes Commands From Potentially Writable Config File

3 hours ago

ghsa

GHSA-qh8g-58pp-2wxh: Eclipse Jetty URI parsing of invalid authority

3 hours ago

ghsa

GHSA-g8m5-722r-8whq: Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

3 hours ago

ghsa

GHSA-r7m4-f9h5-gr79: Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks

3 hours ago

ghsa

GHSA-3c32-4hq9-6wgj: SpiceDB calls to LookupResources using LookupResources2 with caveats may return context is missing when it is not

3 hours ago

ghsa

Headline

GHSA-prrh-qvhf-x788: Cross-site Scripting in prestashop/productcomments

Impact

Patches

References

Related news

ghsa: Latest News