1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. ps_linklist

CVE CVE-2020-5266 Mappings

In the ps_link module for PrestaShop before version 3.1.0, there is a stored XSS when you create or edit a link list block with the title field. The problem is fixed in 3.1.0

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-5266 ps_linklist primary_impact T1059.007 JavaScript
CVE-2020-5266 ps_linklist secondary_impact T1557 Man-in-the-Middle
CVE-2020-5266 ps_linklist exploitation_technique T1189 Drive-by Compromise