Description
In PrestaShop between versions 1.7.1.0 and 1.7.6.5, there is a reflected XSS on AdminCarts page with `cartBox` parameter The problem is fixed in 1.7.6.5
Remediation
References
Related Vulnerabilities
PostgreSQL Improper Input Validation Vulnerability (CVE-2013-0255)
WordPress Plugin user files Arbitrary File Upload (2.4.2)
WordPress Plugin Server Status by Hostname/IP SQL Injection (4.6)
PHP Improper Input Validation Vulnerability (CVE-2009-3291)
WordPress Plugin Videox7 UGC 'listid' Parameter Cross-Site Scripting (2.5.3.2)