CVE-2021-21398

Published March 30th, 2021

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.7.3, an attacker can inject HTML when the Grid Column Type DataColumn is badly used. The problem is fixed in 1.7.7.3

PrestaShop/PrestaShop

PrestaShop is the universal open-source software platform to build your e-commerce solution.

GitHub

9.1K