CVE-2024-25841 Information

Description

In the module \So Flexibilite\ (soflexibilite) from Common-Services for PrestaShop < 4.1.26 a guest (authenticated customer) can perform Cross Site Scripting (XSS) injection.

Reference

https://addons.prestashop.com/fr/transporteurs/2704-colissimo-domicile-et-points-de-retrait.html https://security.friendsofpresta.org/modules/2024/02/27/soflexibilite.html