Contact Form JavaScript Injection Vulnerability in PrestaShop (Versions 1.6.0.4 - 1.7.6.8)
CVE-2020-15161 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8
Learn more about our Contact.