PrestaShop XSS via Customer-Thread Upload (8.1.0-8.1.5) fixed in 8.1.6
CVE-2024-34716 Published on May 14, 2024

PrestaShop vulnerable to XSS via customer contact form in FO, through file upload
PrestaShop is an open source e-commerce web application. A cross-site scripting (XSS) vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be executed when an admin opens the attached file in back office. The script injected can access the session and the security token, which allows it to perform any authenticated action in the scope of the administrator's right. This vulnerability is patched in 8.1.6. A workaround is to disable the customer-thread feature-flag.

Github Repository NVD

Vulnerability Analysis

CVE-2024-34716 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
REQUIRED
Scope:
CHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

What is a XSS Vulnerability?

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

CVE-2024-34716 has been classified to as a XSS vulnerability or weakness.


Products Associated with CVE-2024-34716

Want to know whenever a new CVE is published for PrestaShop? stack.watch will email you.

PrestaShop
 

Affected Versions

PrestaShop: prestashop:

Vulnerable Packages

The following package name and versions may be associated with CVE-2024-34716

Package Manager Vulnerable Package Versions Fixed In
composer prestashop/prestashop >= 8.1.0, < 8.1.6 8.1.6

Exploit Probability

EPSS
36.67%
Percentile
97.11%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.