Joomla: >> Joomla! Security Vulnerabilities
The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-20
Improper Access Controls allows backend users to overwrite their username when disallowed.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-08-20
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
CVSS Score
5.4
EPSS Score
0.0
Published
2024-07-09
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
CVSS Score
6.3
EPSS Score
0.0
Published
2024-02-29
Inadequate parsing of URLs could result into an open redirect.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-02-29
Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-02-29