CVE-2020-5265

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-5265

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5265.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-5265

Related

GHSA-7fmr-5vcc-329j

Published

2020-04-20T17:15:15.350Z

Modified

2026-03-13T22:42:55.854806Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflected XSS on AdminAttributesGroups page. The problem is patched in 1.7.6.5.

References

Affected packages

Git / github.com/prestashop/prestashop

Affected ranges

Type

GIT

Repo

https://github.com/prestashop/prestashop

Events

Introduced

Fixed

270ed6f80fad51036441a381e351de86858c163c

Fixed

622ba66ffdbf48b399875003e00bc34d8a3ef712

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.7.6.5"
        }
    ]
}

Affected versions

1.*

1.5.3.0

1.5.4.1

1.5.6.0

1.5.6.1

1.5.6.2

1.6.0.1

1.6.0.11

1.6.0.12

1.6.0.13

1.6.0.14

1.6.0.2

1.6.0.3

1.6.0.4

1.6.0.5

1.6.0.6

1.6.0.7

1.6.0.8

1.6.0.9

1.6.1.0

1.6.1.1

1.6.1.2-RC3

1.7.0.0

1.7.0.0-beta.1.0

1.7.0.0-beta.2.0

1.7.0.0-beta.3.0

1.7.0.0-beta.4.0

1.7.0.0-rc.0.0

1.7.0.1

1.7.0.2

1.7.0.3

1.7.0.4

1.7.0.5

1.7.0.6

1.7.1.0

1.7.1.1

1.7.1.2

1.7.2.0

1.7.2.0-rc.1.0

1.7.2.1

1.7.2.2

1.7.2.3

1.7.2.4

1.7.3.0

1.7.3.1

1.7.3.2

1.7.3.3

1.7.3.4

1.7.4.0

1.7.4.1

1.7.4.2

1.7.4.3

1.7.5.0

1.7.5.0-rc.1

1.7.5.1

1.7.6.0

1.7.6.0-beta.1

1.7.6.0-rc.1

1.7.6.0-rc.2

1.7.6.1

1.7.6.2

1.7.6.3

1.7.6.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-5265.json"