Description
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded entities," as demonstrated by the query string to index.php in the com_weblinks or com_content component.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Forum Multiple Security Vulnerbilities (1.7.8)
OpenSSL Use of Insufficiently Random Values Vulnerability (CVE-2019-1549)
WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-40690)
WordPress Other Vulnerability (CVE-2006-5705)
WordPress Plugin IMPress for IDX Broker Cross-Site Scripting (3.0.5)