更新: 319 个文件 - 2026-03-31 03:06:10

2026-03-31 03:06:11 -07:00
--- a/08-threat-intel/registry/advisories/prestashop--CVE-2026-33673.json
+++ b/08-threat-intel/registry/advisories/prestashop--CVE-2026-33673.json
@@ -7,7 +7,7 @@
  "title": "PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables",
  "summary": "### Impact\nMultiple stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO: an attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability, can exploit unprotected variables in back-office templates.\n\n### Patches\nPatched on 8.2.5 and 9.1.0\n\n### Workarounds\nNone\n\n### References\nNone",
  "published_at": "2026-03-25T19:41:50Z",
-  "updated_at": "2026-03-27T21:52:37.272493Z",
+  "updated_at": "2026-03-30T12:26:07.105030Z",
  "severity": "low",
  "cvss_score": 3.1,
  "exploit_status": "unknown",
@@ -20,6 +20,7 @@
    "https://github.com/PrestaShop/PrestaShop/releases/tag/9.1.0"
  ],
  "aliases": [
+    "BIT-prestashop-2026-33673",
    "CVE-2026-33673",
    "GHSA-35pf-37c6-jxjv"
  ],