Description
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds.
Remediation
References
Related Vulnerabilities
WordPress Plugin Shoppable Images Multiple Vulnerabilities (1.2.3)
WordPress Plugin WordPress-Amazon-Associate (WPAA) Cross-Site Scripting (2.0)
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.17)
WordPress Plugin Page and Post Clone Information Disclosure (1.1)
MediaWiki Use of Insufficiently Random Values Vulnerability (CVE-2023-22912)