Description

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Section Name form fields in the Section Manager component, or (3) multiple unspecified fields in New Menu Item.

Remediation

References

CVE-2007-5577

Related Vulnerabilities

WordPress Plugin Advanced Custom Fields (ACF) Arbitrary File Upload (5.12.2)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3180)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3554)

WordPress Plugin Booster Elite for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)

Atlassian Jira Incorrect Behavior Order: Validate Before Canonicalize Vulnerability (CVE-2022-26137)

Severity

Medium

Classification

CVE-2007-5577 CWE-707

Tags

Missing Update Known Vulnerabilities