CVE-2020-5294 MEDIUM

CVE-2020-5294: Reflected XSS with social networks fields

Vendor Prestashop
Product ps_socialfollow
Weakness CWE-79 · XSS
Published April 16, 2020
Last update August 4, 2024
View on NVD All CVEs

CVSS base score

4.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N

What the vulnerability does

01Description

PrestaShop module ps_facetedsearch versions before 2.1.0 has a reflected XSS with social networks fields The problem is fixed in 2.1.0

Key dates

02Disclosure timeline

April 16, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-29188 Cross-Site Scripting (XSS) vulnerability in SAP CRM WebClient UI CVE-2025-31764 WordPress Cache control by Cacholong plugin <= 5.4.1 - Cross Site Scripting (XSS) vulnerability CVE-2026-1854 Post Flagger <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slug' Shortcode Attribute CVE-2026-9086 Keycloak: keycloak: cross-site scripting (xss) via case-insensitive uri validation bypass CVE-2025-30836 WordPress LatePoint plugin <= 5.1.6 - Cross Site Scripting (XSS) vulnerability