logo

Database

Server side cross-site scripting In prestashop/prestashop

Description

PrestaShop XSS can be stored in DB from "add a message form" in order detail page (FO)

Impact

The isCleanHtml method is not used on this this form, which makes it possible to store an xss in DB. The impact is low because the html is not interpreted in BO, thanks to twig's escape mechanism. In FO, the xss is effective, but only impacts the customer sending it, or the customer session from which it was sent.

Be careful if you have a module fetching these messages from the DB and displaying it without escaping html.

Patches

8.1.x

Reporter

Reported by Rona Febriana (linkedin: https://www.linkedin.com/in/rona-febriana/)

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2024-216282. NVD-2024-216283. OSV-2024-216284. GHSA-vr7m-r9vm-m4wf5. GCVE-2024-21628

References

1. https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-vr7m-r9vm-m4wf2. https://github.com/PrestaShop/PrestaShop/commit/afc45b93b3cc33be0e571559d2838c6960d988563. https://github.com/PrestaShop/PrestaShop/commit/c3d78b7e49f5fe49a9d07725c3174d005deaa597

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.