[20210304] - Core - XSS within the feed parser library
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 - 3.9.24 Exploit type: XSS Reported Date: 2020-05-05 Fixed Date: 2021-03-02 CVE Number: CVE-2021-23130 Description Missing filtering of feed fields could lead to xss issues. Affected Installs Joomla! CMS versions 2.5.0 - 3.9.24 Solution Upgrade to version 3.9.25 Contact The JSST at the Joomla! Security Centre. Reported By: Bui Duc Anh Khoa from Viettel Cyber Security
- Zugriffe: 355