Unknown · Prestashop · CVE-2022-21686
**Name of the Vulnerable Software and Affected Versions**
PrestaShop versions 1.7.0.0 through 1.7.8.3
**Description**
PrestaShop is an Open Source e-commerce platform. An attacker is able to inject twig code inside the back office when using the legacy layout.
**Recommendations**
For versions 1.7.0.0 through 1.7.8.3, update to version 1.7.8.3 or later to resolve the issue.
As a temporary workaround, consider disabling the legacy layout until a patch is available.