Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 2.5.0 through 3.9.2
Exploit type: XSS
Reported Date: 2019-January-17
Fixed Date: 2019-February-12
CVE Number: CVE-2019-7739
Description
“No Filtering” textfilter overrides child set…
[20190203] – Core – Additional warning in the Global Configuration textfilter settings Read More »
Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 1.0.0 through 3.9.2
Exploit type: XSS
Reported Date: 2018-September-24
Fixed Date: 2019-February-12
CVE Number: CVE-2019-7742
Description
A combination of specific webserver configu…
[20190202] – Core – Browserside mime-type sniffing causes XSS attack vectors Read More »
Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 2.5.0 through 3.9.2
Exploit type: XSS
Reported Date: 2018-November-13
Fixed Date: 2019-February-12
CVE Number: CVE-2019-7744
Description
Inadequate filtering on URL fields in variou…
[20190201] – Core – Lack of URL filtering in various core components Read More »
Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 2.5.0 through 3.9.1
Exploit type: XSS
Reported Date: 2018-December-05
Fixed Date: 2019-January-15
CVE Number: CVE-2019-6262
Description
Inadequate checks at the Global Configuration…
[20190104] – Core – Stored XSS issue in the Global Configuration help url Read More »
Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 2.5.0 through 3.9.1
Exploit type: XSS
Reported Date: 2018-November-29
Fixed Date: 2019-January-15
CVE Number: CVE-2019-6263
Description
Inadequate checks at the Global Configuration…
[20190103] – Core – Stored XSS issue in the Global Configuration textfilter settings Read More »
Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 2.5.0 through 3.9.1
Exploit type: XSS
Reported Date: 2018-December-04
Fixed Date: 2019-January-15
CVE Number: CVE-2019-6261
Description
Inadequate escaping in com_contact leads to a…
[20190102] – Core – Stored XSS in com_contact Read More »
Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 2.5.0 through 3.9.1
Exploit type: XSS
Reported Date: 2018-December-01
Fixed Date: 2019-January-15
CVE Number: CVE-2019-6264
Description
Inadequate escaping in mod_banners leads to a…
[20190101] – Core – Stored XSS in mod_banners Read More »
Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 2.5.0 through 3.8.12
Exploit type: CSRF
Reported Date: 2018-September-26
Fixed Date: 2018-October-02
CVE Number: CVE-2018-17858
Description
Added additional CSRF hardening in c…
[20181005] – Core – CSRF hardening in com_installer Read More »
Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 1.5.0 through 3.8.12
Exploit type: ACL Violation
Reported Date: 2017-December-27
Fixed Date: 2018-October-02
CVE Number: CVE-2018-17855
Description
In case that an attacker get…
[20181004] – Core – ACL Violation in com_users for the admin verification Read More »
Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 3.1.0 through 3.8.12
Exploit type: ACL Violation
Reported Date: 2018-June-20
Fixed Date: 2018-October-02
CVE Number: CVE-2018-17857
Description
Inadequate checks on the tags se…
[20181003] – Core – Access level Violation in com_tags Read More »
