CVE-2020-5265 MEDIUM

CVE-2020-5265: Reflected XSS on AdminAttributesGroups page of PrestaShop

Vendor Prestashop
Product PrestaShop
Weakness CWE-79 · XSS
Published April 20, 2020
Last update August 4, 2024

CVSS base score

4.4/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflected XSS on AdminAttributesGroups page. The problem is patched in 1.7.6.5.

Key dates

02Disclosure timeline

April 20, 2020 CVE published
August 4, 2024 Record updated