Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  >> 3.3.1  Security Vulnerabilities
An issue was discovered in Joomla! before 3.9.16. Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allows XSS attacks.
CVSS Score
6.1
EPSS Score
0.01
Published
2020-03-16
An issue was discovered in Joomla! before 3.9.16. The lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Featured Articles frontend menutype.
CVSS Score
9.8
EPSS Score
0.02
Published
2020-03-16
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.
CVSS Score
8.8
EPSS Score
0.008
Published
2020-01-28
An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities.
CVSS Score
8.8
EPSS Score
0.005
Published
2020-01-28
In Joomla! before 3.9.14, the lack of validation of configuration parameters used in SQL queries caused various SQL injection vectors.
CVSS Score
9.8
EPSS Score
0.017
Published
2019-12-18
An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-11-06
In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
CVSS Score
6.1
EPSS Score
0.007
Published
2019-09-24
In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms.
CVSS Score
5.3
EPSS Score
0.01
Published
2019-08-14
An issue was discovered in Joomla! before 3.9.6. The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector.
CVSS Score
6.1
EPSS Score
0.008
Published
2019-05-20
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVSS Score
6.1
EPSS Score
0.872
Published
2019-04-20


Contact Us

Shodan ® - All rights reserved