CVE-2011-4830
published 2011-12-15CVE-2011-4830: Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to…
PriorityP415low3.5CVSS 2.0
AVNACMAuSCNIPAN
EXPLOIT
EPSS
1.36%
68.2th percentile
Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| barter-sites | com_listing | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://docs.joomla.org/Vulnerable_Extensions_List#Barter_Sites_1.3http://my.barter-sites.com/index.php?option=com_content&view=article&id=6&Itemid=25http://www.exploit-db.com/exploits/18046http://docs.joomla.org/Vulnerable_Extensions_List#Barter_Sites_1.3http://my.barter-sites.com/index.php?option=com_content&view=article&id=6&Itemid=25http://www.exploit-db.com/exploits/18046
2011-12-15
Published