First published: Thu Jan 09 2020(Updated: )
In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a QuickAccess link. This is related to AdminQuickAccessesController.php, themes/default/template/header.tpl, and themes/new-theme/js/header.js.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Prestashop Prestashop | =1.7.6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this PrestaShop vulnerability is CVE-2020-6632.
The severity of CVE-2020-6632 is medium.
The XSS vulnerability in PrestaShop 1.7.6.2 occurs during the addition or removal of a QuickAccess link.
The files related to the XSS vulnerability in PrestaShop 1.7.6.2 are AdminQuickAccessesController.php, themes/default/template/header.tpl, and themes/new-theme/js/header.js.
To fix the XSS vulnerability in PrestaShop 1.7.6.2, it is recommended to apply the security patch provided by PrestaShop.