In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
References
Link | Resource |
---|---|
https://developer.joomla.org/security-centre/791-20190901-core-xss-in-logo-parameter-of-default-templates.html | Vendor Advisory |
Configurations
Information
Published : 2019-09-24 14:15
Updated : 2019-09-25 05:59
NVD link : CVE-2019-16725
Mitre link : CVE-2019-16725
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
joomla
- joomla\!