CVE-2013-4791

CVE-2013-4791

EPSS 0.6%

PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://davidsopaslabs.blogspot.com/2013/07/prestashop-persistent-xss-and-csrf.html