Description

Cross-site scripting (XSS) vulnerability in redirect.php in the Socolissimo module (modules/socolissimo/) in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to "parameter names and values."

Remediation

References

CVE-2012-6641

Related Vulnerabilities

IBM RTC CVE-2019-4084 Vulnerability (CVE-2019-4084)

PmWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1481)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43723)

Python Integer Overflow or Wraparound Vulnerability (CVE-2008-4864)

IBM RTC Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2020-4547)

Severity

Medium

Classification

CVE-2012-6641 CWE-707

Tags

Missing Update Known Vulnerabilities