Description
Cross-site scripting (XSS) vulnerability in redirect.php in the Socolissimo module (modules/socolissimo/) in PrestaShop before 1.4.7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to "parameter names and values."
Remediation
References
Related Vulnerabilities
WordPress Plugin Track That Stat 'data' Parameter Cross-Site Scripting (1.0.8)
Nginx Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2263)
WordPress Plugin Malware Scanner Privilege Escalation (4.7.2)
WordPress Plugin Dean's Permalinks Migration Cross-Site Request Forgery (1.0)
WordPress Plugin Search & Replace PHP Object Injection (3.2.2)