Joomla: >> Joomla! Security Vulnerabilities
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
CVSS Score
5.4
EPSS Score
0.0
Published
2024-07-09
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
CVSS Score
6.3
EPSS Score
0.0
Published
2024-02-29
Inadequate parsing of URLs could result into an open redirect.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-02-29
Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-02-29
Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components.
CVSS Score
6.1
EPSS Score
0.012
Published
2024-02-29
Inadequate content filtering leads to XSS vulnerabilities in various components.
CVSS Score
6.5
EPSS Score
0.003
Published
2024-02-29
The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-11-29
An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.
CVSS Score
6.1
EPSS Score
0.0
Published
2023-05-30