[20170702] – Core – XSS Vulnerability
- Project: Joomla!
- SubProject: CMS
- Severity: High
- Versions: 1.7.3 – 3.7.2
- Exploit type: XSS
- Reported Date: 2017-June-04
- Fixed Date: 2017-July-04
- CVE Number: CVE-2017-9934
Description
Missing CSRF token checks and improper input validation lead to an XSS vulnerability.
Affected Installs
Joomla! CMS versions 1.7.3-3.7.2
Solution
Upgrade to version 3.7.3
Contact
The JSST at the Joomla! Security Centre.
[20170702] – Core – XSS Vulnerability Read More »