Description
In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflected XSS on AdminFeatures page by using the `id_feature` parameter. The problem is fixed in 1.7.6.5
Remediation
References
Related Vulnerabilities
Magento CVE-2019-8107 Vulnerability (CVE-2019-8107)
WordPress Plugin Currency Switcher for WooCommerce Security Bypass (2.11.1)
WordPress Plugin Menu Image Malware/Addware Notification (2.6.9)
Oracle Database Server CVE-2014-2478 Vulnerability (CVE-2014-2478)
WordPress Plugin Simple Security Multiple Cross-Site Scripting Vulnerabilities (1.1.5)