Prestashop · Prestashop · CVE-2020-15162
**Name of the Vulnerable Software and Affected Versions**
PrestaShop versions 1.5.0.0 through 1.7.6.7
**Description**
The issue allows users to send compromised files, which can contain malicious JavaScript, triggering an XSS payload.
**Recommendations**
For PrestaShop versions 1.5.0.0 through 1.7.6.7, update to version 1.7.6.8 to resolve the issue.