CVE-2020-21967

CVE-2020-21967

EPSS 0.6%

File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/167742/PrestaShop-1.7.6.7-Cross-Site-Scripting.html https://github.com/PrestaShop/PrestaShop/issues/20306