First published: Wed Mar 31 2021(Updated: )
ps_emailsubscription is a newsletter subscription module for the PrestaShop platform. An employee can inject javascript in the newsletter condition field that will then be executed on the front office The issue has been fixed in 2.6.1
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Prestashop Ps Emailsubscription | >=2.6.0<2.6.1 |
https://github.com/PrestaShop/ps_emailsubscription/commit/664ffb225e2afb4a32640bbedad667dc6e660b70
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.