CVE-2011-2892 — Improper Input Validation in Joomla !

CWE-20 — Improper Input Validation2 documents2 sources

Severity

4.3MEDIUMNVD

EPSS

0.0%

top 96.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Joomla !

Timeline

PublishedJul 27

Latest updateMay 17

Description

Joomla! 1.6.x before 1.6.2 does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDjoomla/joomla_!1.6, 1.6.0, 1.6.1+2

🔴Vulnerability Details

GHSA

GHSA-ggx2-8h9j-28jx: Joomla! 1↗2022-05-17

▶