CVE-2012-20001
CVE-2012-20001
PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring in the message field.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://seclists.org/bugtraq/2012/Nov/1