Joomla : Security Vulnerabilities, CVEs, Published In November 2011
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.45%
Published
2011-11-23
Updated
2011-11-28
The password reset functionality in Joomla! 1.5.x through 1.5.24 uses weak random numbers, which makes it easier for remote attackers to change the passwords of arbitrary users via unspecified vectors.
Max CVSS
5.0
EPSS Score
1.44%
Published
2011-11-23
Updated
2011-11-28
2 vulnerabilities found