Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)

From: Antonio S.M <antonio_s_martino@yahoo.es>
To: bugtraq@securityfocus.com
Cc:
Subject: Prestashop Cartium 1.3.3 Multiple Cross Site Scripting (XSS)
Date:


Hello,
In Prestashop Cartium 1.3.3 I have detected multiple Cross Site Scripting (XSS) 
vulnerabilities:

File                 Field
categoty.php   id_category
product.php     id_product
search.php      search_query 

Test pattern for vulnerable versions:  

"></script>alert(1)</script>

Kind Regards
Antonio San Martino


      





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.