Contact Form JavaScript Injection Vulnerability in PrestaShop (Versions 1.6.0.4 - 1.7.6.8)

Contact Form JavaScript Injection Vulnerability in PrestaShop (Versions 1.6.0.4 - 1.7.6.8)

CVE-2020-15161 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8

Learn more about our Contact.