Description
PrestaShop is an open source e-commerce web application. Versions prior to 1.7.8.10, 8.0.5, and 8.1.1 are vulnerable to cross-site scripting through the `isCleanHTML` method. Versions 1.7.8.10, 8.0.5, and 8.1.1 contain a patch. There are no known workarounds.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce PayU India (PayUmoney-PayUbiz) Parameter Tampering (2.1.1)
WordPress Plugin Cool Timeline (Horizontal & Vertical Timeline) Security Bypass (2.3.3)
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2020-1968)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)