Vulnerabilities > Prestashop > Prestashop > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-02 | CVE-2024-21628 | Cross-site Scripting vulnerability in Prestashop PrestaShop is an open-source e-commerce platform. | 6.1 |
| 2024-01-02 | CVE-2024-21627 | Cross-site Scripting vulnerability in Prestashop PrestaShop is an open-source e-commerce platform. | 6.1 |
| 2023-09-28 | CVE-2023-43663 | Improper Privilege Management vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 4.3 |
| 2023-09-28 | CVE-2023-43664 | Improper Privilege Management vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 4.3 |
| 2023-08-07 | CVE-2023-39527 | Improper Encoding or Escaping of Output vulnerability in Prestashop PrestaShop is an open source e-commerce web application. | 6.1 |
| 2023-04-25 | CVE-2023-30545 | SQL Injection vulnerability in Prestashop PrestaShop is an Open Source e-commerce web application. | 6.5 |
| 2022-12-08 | CVE-2022-46158 | Missing Authorization vulnerability in Prestashop PrestaShop is an open-source e-commerce solution. | 4.3 |
| 2021-12-21 | CVE-2012-20001 | Cross-site Scripting vulnerability in Prestashop PrestaShop before 1.5.2 allows XSS via the "<object data='data:text/html" substring in the message field. | 4.3 |
| 2021-02-26 | CVE-2021-21308 | Improper Authentication vulnerability in Prestashop PrestaShop is a fully scalable open source e-commerce solution. | 6.4 |
| 2021-02-26 | CVE-2021-21302 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Prestashop PrestaShop is a fully scalable open source e-commerce solution. | 6.5 |