Security Advisories - prestashop/productcomments - Packagist

prestashop/productcomments Security Advisories for v4.1.0 (3)

[MEDIUM] PrestaShop Product Comments Cross-site Scripting vulnerability

PKSA-by6n-t6zb-qfq4 CVE-2022-35933 GHSA-prrh-qvhf-x788

Affected version: <5.0.2

Reported by:
GitHub
[LOW] Blind SQL injection in PrestaShop productcomments module

PKSA-92zw-jdjx-wh86 CVE-2020-26248 GHSA-5v44-7647-xfw9

Affected version: >=4.0.0,<4.2.1

Reported by:
GitHub
[MEDIUM] Reflected XSS with parameters in PostComment

PKSA-kf3b-krrn-9jwm CVE-2020-26225 GHSA-58w4-w77w-qv3w

Affected version: >=4.0.0,<4.2.0

Reported by:
GitHub