Impact
Stored XSS when using the name of a quick access item.
Patches
The problem is fixed in 1.7.6.6
Workarounds
If the name is suspicious, do not click or try to remove it.
After getting the id, execute this SQL query:
DELETE FROM `ps_quick_access` WHERE `ps_quick_access`.`id_quick_access` = QUICK_ACCESS_ID
References
Cross-site Scripting (XSS) - Stored (CWE-79)
Impact
Stored XSS when using the name of a quick access item.
Patches
The problem is fixed in 1.7.6.6
Workarounds
If the name is suspicious, do not click or try to remove it.
After getting the id, execute this SQL query:
References
Cross-site Scripting (XSS) - Stored (CWE-79)