CVE-2020-5264

Medium

In PrestaShop before version 1.7.6.5, there is a reflected XSS while running the security compromised page. It allows anyone to execute…

GitHub_M·CWE-79·Published 2020-04-20

CVSS

6.1

EPSS

0.01

KEV

Exploits

cve.orgen

192 chars

In PrestaShop before version 1.7.6.5, there is a reflected XSS while running the security compromised page. It allows anyone to execute arbitrary action. The problem is patched in the 1.7.6.5.

NVDen

192 chars

In PrestaShop before version 1.7.6.5, there is a reflected XSS while running the security compromised page. It allows anyone to execute arbitrary action. The problem is patched in the 1.7.6.5.

En PrestaShop versiones anteriores a 1.7.6.5, hay una vulnerabilidad de tipo XSS reflejado mientras se ejecuta la página security compromised. Permite a cualquiera ejecutar una acción arbitraria. El problema está solucionado en la versión 1.7.6.5.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3.1	Primary	cve.org	4.4	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
3.1	Primary	cve.org	4.4	—	—	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N
3.1	Secondary	NVD	4.4	1.3	2.7	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N