First published: Thu Jul 02 2020(Updated: )
In PrestaShop from version 1.7.0.0 and before version 1.7.6.6, if a target sends a corrupted file, it leads to a reflected XSS. The problem is fixed in 1.7.6.6
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Prestashop Prestashop | >1.7.0.0<1.7.6.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-15083.
The severity of CVE-2020-15083 is medium with a severity value of 6.1.
CVE-2020-15083 affects PrestaShop versions 1.7.0.0 through 1.7.6.6.
CVE-2020-15083 can lead to reflected XSS when a target sends a corrupted file.
CVE-2020-15083 can be fixed by updating PrestaShop to version 1.7.6.6 where the problem is fixed.