Description
In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is a reflected XSS with `back` parameter. The problem is fixed in 1.7.6.5
Remediation
References
Related Vulnerabilities
Moodle Improper Access Control Vulnerability (CVE-2016-2159)
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-9664)
Oracle Database Server Other Vulnerability (CVE-2001-0832)
Django Resource Management Errors Vulnerability (CVE-2015-5963)
WordPress Plugin IMPress for IDX Broker Unspecified Vulnerability (2.5.11)