Impact
ValidateCore::isCleanHTML() method of Prestashop misses hijickable events which can lead to XSS injection, allowed by the presence of pre-setup @Keyframes methods.
This XSS which hijacks HTML attributes will be triggered without any interaction of the visitor/administrator which makes it as dangerous as a trivial XSS.
Contrary to most XSS which target HTML attributes and which are triggered without user interaction (such as onload / onerror which suffer from a very limited scope), this one can hijack every HTML element, which increases the danger due to a complete HTML elements scope.
Patches
The patch will be on PS 8.0.4 and PS 1.7.8.9
References
Impact
ValidateCore::isCleanHTML() method of Prestashop misses hijickable events which can lead to XSS injection, allowed by the presence of pre-setup @Keyframes methods.
This XSS which hijacks HTML attributes will be triggered without any interaction of the visitor/administrator which makes it as dangerous as a trivial XSS.
Contrary to most XSS which target HTML attributes and which are triggered without user interaction (such as onload / onerror which suffer from a very limited scope), this one can hijack every HTML element, which increases the danger due to a complete HTML elements scope.
Patches
The patch will be on PS 8.0.4 and PS 1.7.8.9
References