thirtybees

vulnerability cross-site scripting (xss)
severity 4.7
language php
registry other

Description

Thirty bees is matured e-commerce solution which once started as a fork of PrestaShop 1.6.1.11 and is still compatible with (almost) all PS 1.6 modules. Its focus is on stability, correctness and reliability of the rich feature set, to allow merchants to focus on growing their business. this package is vulnerable to Stored Cross-Site Scripting (XSS).

https://github.com/thirtybees/thirtybees

Steps To Reproduce & POC

gdrive

Impact

Run any javascript payloads

References