Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 3.0.0 - 3.9.25 Exploit type: XSS Reported Date: 2021-03-09 Fixed Date: 2021-04-13 CVE Number: CVE-2021-26030 Description Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages. Affected Installs Joomla! CMS versions 3.0.0 - 3.9.25 Solution Upgrade to version 3.9.26 Contact The JSST at the Joomla! Security Centre. Reported By: HOANG NGUYEN [20210401] - Core - Escape xss in logo parameter error pages
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 3.0.0 - 3.9.25 Exploit type: XSS Reported Date: 2021-03-09 Fixed Date: 2021-04-13 CVE Number: CVE-2021-26030 Description Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages. Affected Installs Joomla! CMS versions 3.0.0 - 3.9.25 Solution Upgrade to version 3.9.26 Contact The JSST at the Joomla! Security Centre. Reported By: HOANG NGUYEN - Zugriffe: 455