ReportizFlow
Filtered by vendor Prestashop
Subscriptions
Filtered by product Contactform
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15178 | 1 Prestashop | 1 Contactform | 2024-11-21 | 8 High |
| In PrestaShop contactform module (prestashop/contactform) before version 4.3.0, an attacker is able to inject JavaScript while using the contact form. The `message` field was incorrectly unescaped, possibly allowing attackers to execute arbitrary JavaScript in a victim's browser. | ||||
Page 1 of 1.