[GHSA-45vm-3j38-7p78] PrestaShop cross-site scripting via customer contact form in FO, through file upload

github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Creative Commons Attribution 4.0 International

1.7k stars 314 forks source link

[GHSA-45vm-3j38-7p78] PrestaShop cross-site scripting via customer contact form in FO, through file upload #4438

Closed aelmokhtar closed 3 months ago

aelmokhtar commented 3 months ago

Updates

Affected products
References

Comments more technical details associated to this advisory

github commented 3 months ago

Hi there @matthieu-rolland! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory

darakian commented 3 months ago

Hi @aelmokhtar, thank you for the contribution, but we tend not to add personal blog entries to advisories. Given that this advisory originated from a github repo, I would recommend reaching out to the project and asking them to include it on their repo advisory. If they would like to include it then we can reflect that.