EPSS
Percentile
19.4%
prestashop/ps_linklist is vulnerable to cross-site scripting. The vulnerability exists because the custom URLs are not validated in ‘buildForm’ function in ‘CustomUrlType.php’ allowing a malicious attacker to inject arbitrary scripts.
github.com/PrestaShop/ps_linklist/commit/83e6e0bdda2287f4d6e64127cb90c41d26b5ad82
github.com/PrestaShop/ps_linklist/security/advisories/GHSA-cx2r-mf6x-55rx