[20210701] - Core - XSS in JForm Rules field
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 3.0.0 - 3.9.27 Exploit type: XSS Reported Date: 2021-05-29 Fixed Date: 2021-07-06 CVE Number: CVE-2021-26035 Description Inadequate escaping in the Rules field of the JForm API leads to a XSS vulnerability. Affected Installs Joomla! CMS versions 3.0.0 - 3.9.27 Solution Upgrade to version 3.9.28 Contact The JSST at the Joomla! Security Centre. Reported By: Hoang Nguyen
- Zugriffe: 946