Description PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module Remediation References CVE-2013-6295 Related Vulnerabilities MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-16781) Jenkins Incorrect Authorization Vulnerability (CVE-2017-2611) jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9251) Atlassian Jira CVE-2019-20410 Vulnerability (CVE-2019-20410) MySQL CVE-2019-2625 Vulnerability (CVE-2019-2625) Severity Critical Classification CVE-2013-6295 CWE-269 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities