Joomla: >> Joomla! >> 3.6.1 Security Vulnerabilities
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of messages showed to users that could lead to xss issues.
CVSS Score
6.1
EPSS Score
0.009
Published
2021-03-04
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of feed fields could lead to xss issues.
CVSS Score
6.1
EPSS Score
0.009
Published
2021-03-04
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads
CVSS Score
7.5
EPSS Score
0.586
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-01-12
An issue was discovered in Joomla! 3.1.0 through 3.9.23. The lack of escaping of image-related parameters in multiple com_tags views cause lead to XSS attack vectors.
CVSS Score
6.1
EPSS Score
0.028
Published
2021-01-12
An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-12-28