CVE-2011-3595 — Cross-site Scripting in Joomla!

CWE-79 — Cross-site Scripting4 documents4 sources

Severity

5.4MEDIUMNVD

EPSS

0.0%

top 89.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Joomla!Joomla !

Timeline

PublishedJan 22

Latest updateApr 22

Description

Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

▶CVEListV5joomla!/joomla!1.7.0

▶NVDjoomla/joomla_!1.7.0

🔴Vulnerability Details

GHSA

GHSA-mjh4-6qqm-58m2: Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1↗2022-04-22

▶

CVEList

CVE-2011-3595: Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1↗2020-01-22

▶