2020-02-14 01:15:00 2020-02-18 15:47:00

PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.

Vector

NETWORK

Complexity

MEDIUM

Authentication

SINGLE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE