CVE-2017-7985 — Cross-site Scripting in Joomla !

Severity

6.1MEDIUMNVD

EPSS

0.1%

top 79.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedApr 25

Latest updateMay 14

Description

In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of multibyte characters leads to XSS vulnerabilities in various components.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶NVDjoomla/joomla_!1.5.0 — 3.6.5

GHSA

GHSA-76pw-hw5c-rwhp: In Joomla! 1↗2022-05-14

▶

CVEList

CVE-2017-7985: In Joomla! 1↗2017-04-25

▶

Fortinet

Incomplete Patch: Another Joomla! Core XSS Vulnerability Is Discovered↗2018-05-25

▶

Fortinet

Incomplete Patch: More Joomla! Core XSS Vulnerabilities Are Found↗2017-07-12

▶

Fortinet

Multiple Joomla! Core XSS Vulnerabilities Are Discovered↗2017-05-04

▶