NotCVE - vendor:"Prestashop" product:"Prestashop" version:" > 1.7.1.0

Page 13 of 62 results (0.007 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-5681

https://notcve.org/view.php?id=CVE-2018-5681

PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages > Edit page" screen. PrestaShop 1.7.2.4 tiene XSS mediante la edición de código fuente en la pantalla "Pages > Edit page". • http://forge.prestashop.com/browse/BOOM-4612 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-5682

https://notcve.org/view.php?id=CVE-2018-5682

PrestaShop 1.7.2.4 allows user enumeration via the Reset Password feature, by noticing which reset attempts do not produce a "This account does not exist" error message. PrestaShop 1.7.2.4 permite la enumeración de usuarios mediante la característica Reset Password, al notar qué intentos de restablecimiento no producen un mensaje de error "This account does not exist". • http://forge.prestashop.com/browse/BOOM-4613 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

1...11 12 13