Description
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds.
Remediation
References
Related Vulnerabilities
MySQL CVE-2018-3162 Vulnerability (CVE-2018-3162)
Drupal Missing Authorization Vulnerability (CVE-2017-6923)
WordPress Plugin Simple Ads Manager Local File Inclusion (2.10.0.130)
WordPress 4.3.x Cross-Site Scripting Vulnerability (4.3 - 4.3.3)
WordPress Plugin Fast Secure Contact Form Cross-Site Scripting (4.0.35)