vendor:
Joomla!
by:
Juan Galiana Lara
7.5
CVSS
HIGH
Cross-Site Scripting and Information-Disclosure
79
CWE
Product Name: Joomla!
Affected Version From: 1.5.11
Affected Version To: 1.5.11
Patch Exists: YES
Related CWE: N/A
CPE: a:joomla:joomla
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: None
2009
Multiple Cross-Site Scripting and Information-Disclosure Vulnerabilities in Joomla!
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, and obtain sensitive information.
Mitigation:
Upgrade to version 1.5.12 or later.