CVE-2021-21398

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-21398

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21398.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-21398

Related

GHSA-fhhq-4x46-qx77

Published

2021-03-30T16:15:15.177Z

Modified

2026-04-10T04:29:38.266871Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.7.3, an attacker can inject HTML when the Grid Column Type DataColumn is badly used. The problem is fixed in 1.7.7.3

References

Affected packages

Git / github.com/prestashop/prestashop

Affected ranges

Type

GIT

Repo

https://github.com/prestashop/prestashop

Events

Introduced

aab3f53c9c31d79a6c60d9744d2a175c4d6c5194

Fixed

0c6a3128bf19d6af87d5d2c6dc40d8d378a573fc

Fixed

aaaba8177f3b3c510461b5e3249e30e60f900205

Database specific

{
    "versions": [
        {
            "introduced": "1.7.7.0"
        },
        {
            "fixed": "1.7.7.3"
        }
    ]
}

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-21398.json"