Joomla: >> Joomla! >> 3.10.0 Security Vulnerabilities
Lack of output escaping leads to a XSS vector in the pagebreak plugin.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-01-06
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
CVSS Score
6.3
EPSS Score
0.0
Published
2024-02-29
Inadequate parsing of URLs could result into an open redirect.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-02-29
Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-02-29
Inadequate content filtering leads to XSS vulnerabilities in various components.
CVSS Score
6.5
EPSS Score
0.003
Published
2024-02-29
The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information.
CVSS Score
7.5
EPSS Score
0.0
Published
2023-11-29
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Extracting an specifilcy crafted tar package could write files outside of the intended path.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-03-30
Page 1