Lucene search
Veracode Vulnerability DatabaseVERACODE:36880HistorySep 01, 2022 - 6:45 a.m.
Cross-site Scripting (XSS)
2022-09-0106:45:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
cross-site scripting
data sanitization
administrator cookie
0.001 Low
EPSS
Percentile
26.2%
prestashop/productcomments is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of input allowing an attacker to inject maliciously crafted script to obtain an administrator cookie.
| CPE | Name | Operator | Version |
|---|---|---|---|
| prestashop/productcomments | eq | v5.0.1 | |
| prestashop/productcomments | eq | v5.0.1 |
Related
github
github
PrestaShop Product Comments Cross-site Scripting vulnerability
2022-08-31 21:27:38
cvelist
cvelist
cve
cve
CVE-2022-35933
2022-09-02 20:15:08
osv
osv
CVE-2022-35933
2022-09-02 20:15:08
PrestaShop Product Comments Cross-site Scripting vulnerability
2022-08-31 21:27:38
nvd
nvd
CVE-2022-35933
2022-09-02 20:15:08
prion
prion
Design/Logic Flaw
2022-09-02 20:15:00
cnvd
cnvd
PrestaShop Cross-Site Scripting Vulnerability (CNVD-2022-62230)
2022-09-06 00:00:00