CVE-2013-4792
MEDIUMPrestaShop < 1.4.11 - Cross-Site Request Forgery via Logout Action
Title source: llmDescription
PrestaShop before 1.4.11 allows logout CSRF.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
http://davidsopaslabs.blogspot.com/2013/07/prestashop-persistent-xss-and-csrf.html
Scores
CVSS v3
5.5
EPSS
0.0028
EPSS Percentile
20.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Details
CWE
CWE-352
Status
published
Products (1)
prestashop/prestashop
< 1.4.11
Published
Feb 14, 2020
Tracked Since
Feb 18, 2026