CVE-2025-1230
📋 TL;DR
A stored Cross-Site Scripting (XSS) vulnerability in PrestaShop 8.1.7 allows attackers to inject malicious scripts through the 'link' parameter in the admin interface. This could enable session hijacking by stealing authenticated users' cookies. Only PrestaShop 8.1.7 installations with admin access are affected.
💻 Affected Systems
- PrestaShop
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Administrator account compromise leading to full control of the e-commerce platform, data theft, and potential malware distribution to customers.
Likely Case
Session hijacking of admin users, allowing unauthorized access to the admin panel and potential data exfiltration.
If Mitigated
Limited impact with proper input validation and output encoding in place, though some risk remains.
🎯 Exploit Status
Exploitation requires the attacker to have access to submit malicious input through the vulnerable parameter, typically requiring some level of access to the admin interface.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 8.1.8 or later
Vendor Advisory: https://www.prestashop.com/security-advisories
Restart Required: No
Instructions:
1. Back up your PrestaShop installation and database.
2. Download the latest PrestaShop version from the official website.
3. Replace the affected files with the patched versions.
4. Clear the cache and test functionality.
🔧 Temporary Workarounds
Input Validation Filter
Implement server-side validation to sanitize the 'link' parameter input.
Modify /<admin_directory>/index.php to include input sanitization for the 'link' parameter
Content Security Policy (CSP)
Implement CSP headers to mitigate XSS impact by restricting script execution.
Add 'Content-Security-Policy' header to your web server configuration
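The input-validation workaround above describes the check but not its logic. The following is an added illustration, written here in Python and not taken from PrestaShop (which is PHP) or from the advisory: it shows the two controls that together neutralize a stored script in a link value, an allowlist of URL schemes on input and HTML attribute encoding on output. The function names are hypothetical; the logic is what would be ported into the admin controller that handles the 'link' parameter.

```python
import html
from typing import Optional
from urllib.parse import urlsplit

# Only these schemes are accepted for an absolute link; anything else
# (javascript:, data:, vbscript:, ...) is rejected rather than "cleaned".
ALLOWED_SCHEMES = {"http", "https"}


def normalize_link(raw: str) -> Optional[str]:
    """Return the link if it is an http(s) URL or a site-relative path, else None.

    Hypothetical helper (not PrestaShop code): validation on the way in.
    """
    value = raw.strip()
    # Control characters and embedded whitespace have no place in a URL and are
    # a common way to smuggle a scheme past naive prefix checks.
    if " " in value or any(ord(ch) < 0x20 or ch == "\x7f" for ch in value):
        return None
    parts = urlsplit(value)  # scheme is lower-cased by urlsplit
    if parts.scheme:
        if parts.scheme not in ALLOWED_SCHEMES or not parts.netloc:
            return None
        return value
    # No scheme: accept a site-relative path, but not a protocol-relative
    # "//host/..." that would point off-site.
    if value.startswith("/") and not value.startswith("//"):
        return value
    return None


def render_link_attribute(raw: str) -> Optional[str]:
    """Produce an href attribute for a validated link, HTML-encoded on the way out.

    Output encoding is what actually stops a stored value from becoming markup;
    the scheme allowlist stops the link itself from executing script when clicked.
    """
    safe = normalize_link(raw)
    if safe is None:
        return None
    return 'href="%s"' % html.escape(safe, quote=True)


if __name__ == "__main__":
    for candidate in ("https://example.com/page?id=1",
                      "/index.php?controller=AdminDashboard",
                      "javascript:alert(1)",
                      "//attacker.example/"):
        print(repr(candidate), "->", render_link_attribute(candidate))
```

Rejecting rather than stripping keeps the check simple to reason about: a value that fails validation is never stored, so there is nothing to re-encode later. The CSP header from the second workaround is a separate, defense-in-depth layer set in the web server or application response; it does not replace either check.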
🧯 If You Can't Patch
- Restrict access to the admin interface using IP whitelisting or VPN.
- Implement web application firewall (WAF) rules to block XSS payloads in the 'link' parameter.
🔍 How to Verify
Check if Vulnerable:
Check if your PrestaShop version is 8.1.7 by reviewing the configuration file or admin panel.
Check Version:
Check the /app/config/parameters.php file for the 'version' parameter or view in admin panel under Advanced Parameters > Information.
Verify Fix Applied:
Verify the installation is running PrestaShop 8.1.8 or later and test the 'link' parameter with XSS payloads.
📡 Detection & Monitoring
Log Indicators:
- Unusual 'link' parameter values in admin access logs containing script tags or JavaScript code
Network Indicators:
- HTTP requests to admin interface with suspicious 'link' parameter values
SIEM Query:
source="web_access_logs" AND uri="/admin/index.php" AND query="*link=*<script>*"
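The SIEM query above matches only a literal `<script>` in the request URI, so a URL-encoded or double-encoded submission would pass it. The following is an added example, not part of the advisory or of PrestaShop, that applies the same log indicator to decoded values: it parses combined-format access log lines, extracts the 'link' query parameter, decodes it, and flags the patterns the Log Indicators section names. The admin directory `/admin123/`, the client addresses and the log lines are all constructed sample data.

```python
import re
from typing import Dict, List
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed sample access-log lines (combined log format); not real traffic.
# "/admin123/" stands in for the renamed PrestaShop admin directory.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2025:10:00:01 +0000] "GET /admin123/index.php?controller=AdminDashboard HTTP/1.1" 200 5120
203.0.113.5 - - [10/Jan/2025:10:00:07 +0000] "POST /admin123/index.php?controller=AdminLinks&link=https%3A%2F%2Fexample.com%2Fpromo HTTP/1.1" 302 0
198.51.100.9 - - [10/Jan/2025:10:02:13 +0000] "POST /admin123/index.php?controller=AdminLinks&link=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 302 0
198.51.100.9 - - [10/Jan/2025:10:02:40 +0000] "GET /admin123/index.php?link=javascript%3Aalert(1) HTTP/1.1" 200 410
"""

# Client IP, timestamp, method, request target and status from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Decoded-value patterns for the indicators the advisory lists: script tags,
# javascript: URLs and inline event handlers. Tune to your own false-positive rate.
SUSPICIOUS = re.compile(r"<\s*script|javascript\s*:|\bon[a-z]+\s*=", re.IGNORECASE)


def decode_link_values(target: str) -> List[str]:
    """Return every 'link' value in the request target, decoded more than once.

    parse_qs decodes one layer; the extra unquote_plus passes catch
    double-encoded submissions such as %253Cscript%253E.
    """
    query = urlsplit(target).query
    values = parse_qs(query, keep_blank_values=True).get("link", [])
    return [unquote_plus(unquote_plus(v)) for v in values]


def find_suspicious_link_requests(log_text: str, admin_path: str = "/admin123/") -> List[Dict[str, str]]:
    """Scan access-log text and return requests to the admin path whose
    'link' parameter, once decoded, matches a suspicious pattern."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not m.group("target").startswith(admin_path):
            continue
        for value in decode_link_values(m.group("target")):
            if SUSPICIOUS.search(value):
                hits.append({"ip": m.group("ip"), "ts": m.group("ts"),
                             "method": m.group("method"), "link": value})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious_link_requests(SAMPLE_LOG):
        print(hit)
```

Two caveats when running this against real logs. Standard access logs record the query string but not POST bodies, so a 'link' value submitted in a form body will not appear at all; capturing it needs request-body logging at the reverse proxy, a WAF, or application-level audit logging. And the patterns are indicators, not proof: confirm a hit by inspecting the stored value in the database or admin panel before treating it as an incident.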