PT-2022-23039 · Unknown · Prestashop

Atomiix · Published 2022-08-31 · Updated 2022-09-08 · CVE-2022-35933

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

PrestaShop module versions prior to 5.0.2

Description

The issue allows an attacker to steal an administrator's cookie, potentially leading to unauthorized access. The problem is related to improper neutralization of input during web page generation, which can facilitate cross-site scripting attacks.

Recommendations

For versions prior to 5.0.2, update to version 5.0.2 to resolve the issue. As a temporary workaround, consider restricting access to administrator accounts until the update can be applied.

Exploit · Fix · XSS

Weakness Enumeration

Related Identifiers

CVE-2022-35933
GHSA-PRRH-QVHF-X788

Affected Products

Prestashop