Description
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google XML Sitemaps Cross-Site Scripting (4.0.9)
MySQL CVE-2020-14540 Vulnerability (CVE-2020-14540)
WordPress Plugin bbPress Move Topics PHP Object Injection (1.1.4)
ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-5433)
WordPress Plugin Software License Manager Cross-Site Request Forgery (4.4.5)