header-logo
Suggest Exploit
vendor:
N/A
by:
Mr.tro0oqy
3.1
CVSS
MEDIUM
Cross Site Scripting
79
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Joomla compnent com_noticia cross site scripting

The vulnerability exists due to insufficient filtration of user-supplied data in the 'itemId' parameter of the 'index.php' script. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Mitigation:

Input validation should be used to ensure that untrusted data is not used to dynamically generate or modify the content of a web page.
Source

Exploit-DB raw data:

Joomla compnent com_noticia cross site scripting
author : Mr.tro0oqy
email : t.4@windowslive.com<mailto:t.4@windowslive.com>

dork:inurl:index.php?option=com_noticia

exp :
index.php?option=com_noticia&action=view&itemId=[XSS]

Navigation

Suggest Exploit

Services By CQR