Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.6.0 through 3.9.6 Exploit type: XSS Reported Date: 2019-January-01 Fixed Date: 2019-June-11 CVE Number: CVE-2019-12766 Description The subform fieldtype does not sufficiently filter or validate input of subfields, this leads to XSS attack vectors. Affected Installs Joomla! CMS versions 3.6.0 through 3.9.6 Solution Upgrade to version 3.9.7 Contact The JSST at the Joomla! Security Centre. Reported By: Volkmar Schlothauer, ghsvs.de [20190602] - Core - XSS in subform field
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 3.6.0 through 3.9.6 Exploit type: XSS Reported Date: 2019-January-01 Fixed Date: 2019-June-11 CVE Number: CVE-2019-12766 Description The subform fieldtype does not sufficiently filter or validate input of subfields, this leads to XSS attack vectors. Affected Installs Joomla! CMS versions 3.6.0 through 3.9.6 Solution Upgrade to version 3.9.7 Contact The JSST at the Joomla! Security Centre. Reported By: Volkmar Schlothauer, ghsvs.de - Zugriffe: 614