1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. PrestaShop

CVE CVE-2020-5270 Mappings

In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an open redirection when using back parameter. The impacts can be many, and vary from the theft of information and credentials to the redirection to malicious websites containing attacker-controlled content, which in some cases even cause XSS attacks. So even though an open redirection might sound harmless at first, the impacts of it can be severe should it be exploitable. The problem is fixed in 1.7.6.5

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-5270 PrestaShop secondary_impact T1036 Masquerading
CVE-2020-5270 PrestaShop secondary_impact T1059.007 JavaScript
CVE-2020-5270 PrestaShop secondary_impact T1557 Man-in-the-Middle
CVE-2020-5270 PrestaShop secondary_impact T1005 Data from Local System
CVE-2020-5270 PrestaShop exploitation_technique T1566.002 Spearphishing Link