Matthieu Rolland

7 exploits Active since Sep 2023
CVE-2024-21627 WRITEUP HIGH WRITEUP
PrestaShop < 1.7.8.11 and 8.0.0-beta.1-8.1.3 - Cross-Site Scripting via isCleanHTML Method Bypass
PrestaShop is an open-source e-commerce platform. Prior to versions 8.1.3 and 1.7.8.11, some event attributes are not detected by the `isCleanHTML` method. Some modules using the `isCleanHTML` method could be vulnerable to cross-site scripting. Versions 8.1.3 and 1.7.8.11 contain a patch for this issue. The best workaround is to use the `HTMLPurifier` library to sanitize html input coming from users. The library is already available as a dependency in the PrestaShop project. Beware though that in legacy object models, fields of `HTML` type will call `isCleanHTML`.
CVSS 8.1
CVE-2023-43663 WRITEUP MEDIUM WRITEUP
PrestaShop < 8.1.2 - Improper Privilege Management via Module Disabling
PrestaShop is an Open Source e-commerce web application. In affected versions any module can be disabled or uninstalled from back office, even with low user right. This allows low privileged users to disable portions of a shops functionality. Commit `ce1f6708` addresses this issue and is included in version 8.1.2. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS 6.3
CVE-2023-43664 WRITEUP MEDIUM WRITEUP
PrestaShop < 8.1.2 - Improper Privilege Management in Back Office Module Listing
PrestaShop is an Open Source e-commerce web application. In the Prestashop Back office interface, an employee can list all modules without any access rights: method `ajaxProcessGetPossibleHookingListForModule` doesn't check access rights. This issue has been addressed in commit `15bd281c` which is included in version 8.1.2. Users are advised to upgrade. There are no known workaround for this issue.
CVSS 4.3
CVE-2024-21627 WRITEUP HIGH WRITEUP
PrestaShop < 1.7.8.11 and 8.0.0-beta.1-8.1.3 - Cross-Site Scripting via isCleanHTML Method Bypass
PrestaShop is an open-source e-commerce platform. Prior to versions 8.1.3 and 1.7.8.11, some event attributes are not detected by the `isCleanHTML` method. Some modules using the `isCleanHTML` method could be vulnerable to cross-site scripting. Versions 8.1.3 and 1.7.8.11 contain a patch for this issue. The best workaround is to use the `HTMLPurifier` library to sanitize html input coming from users. The library is already available as a dependency in the PrestaShop project. Beware though that in legacy object models, fields of `HTML` type will call `isCleanHTML`.
CVSS 8.1
CVE-2024-21628 WRITEUP MEDIUM WRITEUP
PrestaShop < 8.1.3 - Stored Cross-Site Scripting via isCleanHtml Bypass
PrestaShop is an open-source e-commerce platform. Prior to version 8.1.3, the isCleanHtml method is not used on this this form, which makes it possible to store a cross-site scripting payload in the database. The impact is low because the HTML is not interpreted in BO, thanks to twig's escape mechanism. In FO, the cross-site scripting attack is effective, but only impacts the customer sending it, or the customer session from which it was sent. This issue affects those who have a module fetching these messages from the DB and displaying it without escaping HTML. Version 8.1.3 contains a patch for this issue.
CVSS 5.4
CVE-2024-36626 WRITEUP MEDIUM WRITEUP
Prestashop 8.1.4 - Memory Corruption
In prestashop 8.1.4, a NULL pointer dereference was identified in the math_round function within Tools.php.
CVSS 5.3
CVE-2025-24027 WRITEUP MEDIUM WRITEUP
PrestaShop ps_contactinfo <= 3.3.2 - Stored Cross-Site Scripting via Formatted Address Rendering
ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions up to and including 3.3.2. This can not be exploited in a fresh install of PrestaShop, only shops made vulnerable by third party modules are concerned. For example, if the shop has a third party module vulnerable to SQL injections, then ps_contactinfo might execute a stored cross-site scripting in formatting objects. Commit d60f9a5634b4fc2d3a8831fb08fe2e1f23cbfa39 keeps formatted addresses from displaying a XSS stored in the database, and the fix is expected to be available in version 3.3.3. No workarounds are available aside from applying the fix and keeping all modules maintained and update.
CVSS 6.2