CVE-2010-2535 — Cross-site Scripting in Joomla !

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

3.5LOWNVD

EPSS

0.0%

top 95.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Joomla !

Timeline

PublishedOct 5

Latest updateMay 17

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

▶NVDjoomla/joomla_!20 versions+19

🔴Vulnerability Details

GHSA

GHSA-8rc6-crcx-56mx: Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1↗2022-05-17

▶

💥Exploits & PoCs

Exploit-DB

CA BrightStor Discovery Service - TCP Overflow (Metasploit)↗2010-04-30

▶