logo

Database

Reflected cross-site scripting (XSS) In prestashop/prestashop

Description

Possible XSS injection through Validate::isCleanHTML method

Impact

ValidateCore::isCleanHTML() method of Prestashop misses hijickable events which can lead to XSS injection, allowed by the presence of pre-setup @keyframes methods.

This XSS which hijacks HTML attributes will be triggered without any interaction of the visitor/administrator which makes it as dangerous as a trivial XSS.

Contrary to most XSS which target HTML attributes and which are triggered without user interaction (such as onload / onerror which suffer from a very limited scope), this one can hijack every HTML element, which increases the danger due to a complete HTML elements scope.

Patches

The patch will be on PS 8.0.4 and PS 1.7.8.9

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2023-308382. NVD-2023-308383. OSV-2023-308384. GHSA-fh7r-996q-gvcp5. GCVE-2023-30838

References

1. https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fh7r-996q-gvcp2. https://github.com/PrestaShop/PrestaShop/commit/46408ae4b02f3b8b1bb6e9dc63af5bcd858abd9c3. https://github.com/PrestaShop/PrestaShop/commit/dc682192df0e4b0d656a8e645b29ca1b9dbe36934. https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.95. https://github.com/PrestaShop/PrestaShop/releases/tag/8.0.4

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.