1 results (0.008 seconds)
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0
CVE-2020-5277 – Reflected XSS with url_name parameter of PrestaShop module ps_facetedsearch
https://notcve.org/view.php?id=CVE-2020-5277
PrestaShop module ps_facetedsearch versions before 3.5.0 has a reflected XSS with `url_name` parameter. The problem is fixed in 3.5.0 El módulo ps_facetedsearch de PrestaShop versiones anteriores a 3.5.0, presenta una vulnerabilidad de tipo XSS reflejado con el parámetro "url_name". El problema es corregido en la versión 3.5.0 • https://github.com/PrestaShop/ps_facetedsearch/commit/c792ddcdd84ec208a6dfa4a30fd66d8bc9863f4a https://github.com/PrestaShop/ps_facetedsearch/security/advisories/GHSA-mmmv-m5q9-g3cm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •