Joomla : Security Vulnerabilities, CVEs, Published In 2011 (XSS) CVSS score >= 1
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.6.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.45%
Published
2011-11-23
Updated
2011-11-28
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URI to includes/application.php, reachable through index.php; and, when Internet Explorer or Konqueror is used, (2) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component. NOTE: vector 2 exists because of an incomplete fix for CVE-2011-2509.5.
Max CVSS
4.3
EPSS Score
0.38%
Published
2011-07-27
Updated
2018-08-13
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.6.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the com_contact component, as demonstrated by the Itemid parameter to index.php; (2) the query string to the com_content component, as demonstrated by the filter_order parameter to index.php; (3) the query string to the com_newsfeeds component, as demonstrated by an arbitrary parameter to index.php; or (4) the option parameter in a reset.request action to index.php; and, when Internet Explorer or Konqueror is used, (5) allow remote attackers to inject arbitrary web script or HTML via the searchword parameter in a search action to index.php in the com_search component.
Max CVSS
4.3
EPSS Score
1.25%
Published
2011-07-27
Updated
2018-08-13
Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php.
Max CVSS
4.3
EPSS Score
8.20%
Published
2011-01-11
Updated
2018-10-10
4 vulnerabilities found