[20180101] - Core - XSS vulnerability in module chromes
- Details
- Joomla RSS Sicherheit
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.0.0 through 3.8.3 Exploit type: XSS Reported Date: 2018-January-21 Fixed Date: 2018-January-30 CVE Number: CVE-2018-6380 Description Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system. Affected Installs Joomla! CMS versions 3.0.0 through 3.8.3 Solution Upgrade to version 3.8.4 Contact The JSST at the Joomla! Security Centre. Reported By: David Jardin, JSST
- Zugriffe: 1383