Joomla! < 1.7.0 XSS
Impact: High
Description
Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. OWASP
Recommendation
Upgrade Joomla! to the latest stable version.
References
- Joomla!
- OWASP: Cross Site Scripting (XSS)
- OWASP: XSS Prevention Cheat Sheet
- OWASP: ESAPI project
- OWASP 2017-A9
- OWASP 2021-A6
- CWE-79
- OWASP 2017-A7
- OWASP 2021-A3
- CWE-20
👉 You might also like:
Drupal 4.1/4.2 XSS - Vulnerability
Drupal Module Cumulus Cross Site Scripting - Vulnerability
WordPress Akal Theme Cross Site Scripting - CVE-2016-10957
WordPress Theme Akal XSS - CVE-2016-10957
Last updated on September 05, 2021