Description
Cross-site scripting (XSS) vulnerability in blocklayered-ajax.php in the blocklayered module in PrestaShop 1.6.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the layered_price_slider parameter.
Remediation
References
Related Vulnerabilities
Dolibarr Missing Authorization Vulnerability (CVE-2018-10092)
PostgreSQL Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2024-7348)
WordPress Plugin Simple Ads Manager Local File Inclusion (2.10.0.130)
PHP Other Vulnerability (CVE-2007-1710)
WordPress Plugin Login by Auth0 Multiple Vulnerabilities (3.11.3)