Smart Related Articles Project: >> Smart Related Articles >> 1.1 Security Vulnerabilities
The "Smart related articles" extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method).
CVSS Score
6.1
EPSS Score
0.003
Published
2017-04-13
The "Smart related articles" extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check).
CVSS Score
5.3
EPSS Score
0.002
Published
2017-04-13
The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).
CVSS Score
9.8
EPSS Score
0.003
Published
2017-04-13