[20190901] - Core - XSS in logo parameter of default templates
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.0.0-3.9.11 Exploit type: XSS Reported Date: 2019-August-28 Fixed Date: 2019-September-24 CVE Number: CVE-2019-16725 Description Inadequate escaping allowed XSS attacks using the logo parameter of the default templates. Affected Installs Joomla! CMS versions 3.0.0 - 3.9.11 Solution Upgrade to version 3.9.12 Contact The JSST at the Joomla! Security Centre. Reported By: Aswin M Guptha
- Zugriffe: 638