Description

An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page

Remediation

References

CVE-2021-26030

Related Vulnerabilities

WordPress Plugin Testimonials by BestWebSoft Cross-Site Scripting (0.1.8)

Zope Web Application Server Other Vulnerability (CVE-2002-0688)

Magento Improper Input Validation Vulnerability (CVE-2021-28585)

WordPress Plugin Easy Panorama Cross-Site Scripting (1.1.4)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-1280)

Severity

Medium

Classification

CVE-2021-26030 CWE-707

Tags

Missing Update Known Vulnerabilities