The ongoing work on security for PrestaShop software continues. We have identified and fixed a new security issue on module Product Comments.
This issue is fixed in latest version 4.2.0.
Security fix
One security fix has been included in this minor version:
- Reflected XSS with parameters in PostComment
(security advisory)
More information about why it is important to update:
Other changes
The version v4.2.0 of the module also brings some new improvements, you can read the full Changelog here.
How to upgrade
You should be able to download the latest version from your Back Office.
This post is also available in: English