[20170705] - Core - XSS Vulnerability

  • Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 1.5.0 through 3.7.3
  • Exploit type: XSS
  • Reported Date: 2017-April-26
  • Fixed Date: 2017-July-25
  • CVE Number:CVE-2017-11612

Description

Inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components.

Affected Installs

Joomla! CMS versions 1.5.0 through 3.7.3

Solution

Upgrade to version 3.7.4

Contact

The JSST at the Joomla! Security Centre.

Reported By: Beat B, JSST

Read more http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/uutSEqYQKbU/701-20170605-core-xss-vulnerability.html

Add comment

Be nice, No ovet advertising unless you agree to our rates. Posting indicates agreement and consent.


Security code
Refresh