Vulnerabilities > Prestashop > Productcomments
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-02 | CVE-2022-35933 | Cross-site Scripting vulnerability in Prestashop Productcomments This package is a PrestaShop module that allows users to post reviews and rate products. | 6.1 |
| 2020-12-03 | CVE-2020-26248 | SQL Injection vulnerability in Prestashop Productcomments In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. | 8.2 |