CVE-2017-7986
Published: 2017-04-25

In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components.

Priority: P4
Severity: medium (CVSS 3.0 base score 6.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.79% (51.6th percentile)
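The description says only that the flaw was inadequate filtering of specific HTML attributes, and the Fortinet write-ups referenced on this page add that the filter at that injection point was bypassed more than once. The Python block below is an added illustration, not Joomla's code and not the actual bypass: it shows the pattern that tends to produce exactly that history, a blocklist of known-bad attribute names, beside the per-tag allowlist with a URL-scheme check that a reviewer would ask for. The sample inputs, policy tables and the `has_script_sink` post-check are all constructed for the demo.

```python
import re
from html.parser import HTMLParser

# Constructed sample inputs for this demo; none is taken from the advisory.
SAMPLES = [
    '<b title="safe">bold</b>',
    '<a href="https://example.test" onclick="alert(1)">x</a>',
    '<img src="x" onerror="alert(1)">',
    '<a href="java\tscript:alert(1)">x</a>',
]

URL_ATTRS = {"href", "src"}            # attributes whose value is a URL
SAFE_SCHEMES = {"http", "https", "mailto"}
_CTRL_WS = re.compile(r"[\x00-\x20\x7f]")
_SCHEME = re.compile(r"^([a-z][a-z0-9+.\-]*):", re.I)


def safe_url(value):
    """Accept relative URLs and an explicit scheme allowlist.

    Control characters and whitespace are removed first, because browsers
    ignore them when resolving a scheme, so 'java\\tscript:' must be treated
    as 'javascript:'.
    """
    cleaned = _CTRL_WS.sub("", value)
    m = _SCHEME.match(cleaned)
    return m is None or m.group(1).lower() in SAFE_SCHEMES


class AttrFilter(HTMLParser):
    """Re-serialise the input, keeping only attributes the policy accepts."""

    def __init__(self, keep):
        super().__init__(convert_charrefs=False)
        self.keep = keep          # keep(tag, name, value) -> bool
        self.out = []

    @staticmethod
    def _render(name, value):
        value = (value or "").replace("&", "&amp;").replace('"', "&quot;")
        return f' {name}="{value}"'

    def handle_starttag(self, tag, attrs):
        kept = [(n, v) for n, v in attrs if self.keep(tag, n, v or "")]
        self.out.append(f"<{tag}{''.join(self._render(n, v) for n, v in kept)}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")


# Policy 1: blocklist of known-bad attribute names. Anything not on the list
# (onerror, onfocus, ...) and any URL scheme passes through untouched.
BLOCKED = {"onclick", "onload", "onmouseover"}


def blocklist_policy(tag, name, value):
    return name not in BLOCKED


# Policy 2: per-tag allowlist; URL-bearing attributes must also pass safe_url().
ALLOWED = {"a": {"href", "title"}, "img": {"src", "alt"}, "b": {"title"}}


def allowlist_policy(tag, name, value):
    if name not in ALLOWED.get(tag, set()):
        return False
    return name not in URL_ATTRS or safe_url(value)


def sanitize(html, policy):
    p = AttrFilter(policy)
    p.feed(html)
    p.close()
    return "".join(p.out)


def has_script_sink(html):
    """Crude post-check for the demo: an on* handler or a javascript: URL survived."""
    lowered = html.lower()
    return bool(re.search(r"\son[a-z]+\s*=", lowered)) or \
        "javascript:" in _CTRL_WS.sub("", lowered)


if __name__ == "__main__":
    for s in SAMPLES:
        for label, policy in (("blocklist", blocklist_policy), ("allowlist", allowlist_policy)):
            out = sanitize(s, policy)
            print(f"{label:9} {'UNSAFE' if has_script_sink(out) else 'ok    '} {out!r}")
```

Run as a script it prints each sample under both policies: the blocklist lets `onerror` and the tab-split `javascript:` URL through, while the allowlist emits `<img src="x">` and `<a>x</a>`. The point for reviewers of a filter like the one described here is that each new bypass against a blocklist needs a new entry, whereas an allowlist only needs its URL-scheme check to normalise the value before inspecting it.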
Affected
107 ranges (showing 25). Version bounds below are those given in the description:

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomla | joomla_! | 1.5.0 through 3.6.5 | 3.7.0 |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.0 | 6.1 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| NVD | 2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
No detection rules found.
No public exploits indexed.
References

Fortinet: Incomplete Patch: Another Joomla! Core XSS Vulnerability Is Discovered
blogs_fortinet · 2018-05-25 · CVSS 6.1 · tagged CVE-2017-7985 [MEDIUM]
FORTIGUARD LABS THREAT RESEARCH
By Zhouyuan Yang | May 25, 2018
In a previous FortiGuard Labs blog I documented that Joomla! had failed to patch two Cross-Site Scripting (XSS) vulnerabilities – CVE-2017-7985 and CVE-2017-7986 – that I had previously discovered. After reporting the issue to Joomla!, they released a patch and published a separate security announcement in July of 2017. But this separate patch still doesn't fully fix the issue. Earlier this year, I discovered a new way to bypass the Joomla! XSS filter at the same injection point. This new vulnerability has been assigned the CVE ID CVE-2018-11326.
Just as with CVE-2017-7985 and CVE-2017-7986, this new injection point exists in the front end, under th
Fortinet: Incomplete Patch: More Joomla! Core XSS Vulnerabilities Are Found
blogs_fortinet · 2017-07-12 · CVSS 6.1 · [MEDIUM]
FORTIGUARD LABS THREAT RESEARCH
By Zhouyuan Yang | July 12, 2017
Joomla! is one of the world's most popular content management systems (CMS). It enables users to build Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share.
As of July 2017, Joomla! has been downloaded over 82 million times. Over 7,800 free and commercial extensions are available from the official Joomla! Extension Directory, and more are available from other sources.
In my last blog, I discovered 2 Cross-Site Scripting (XSS) vulnerabilities in Joomla!. They are identified as CVE-2017-7985 and CVE-2017-7986. After analyzing the patches for these issues,
Check Point: 2017-5-8 Global Cyber Attack Reports
blogs_checkpoint · 2017-05-08 · tagged CVE-2017-5689
TOP ATTACKS AND BREACHES
A new phishing campaign has hit Gmail users. In the attack, victims received malicious emails with a request to access a Google Doc. Once opened, a fake Google Docs application asked for permissions to the victim's Gmail account and then sent similar phishing emails to their contacts. The attack was blocked by Google within an hour of the first reports. A day after the attack, a Twitter account was used to claim responsibility for it.
Fortinet: Multiple Joomla! Core XSS Vulnerabilities Are Discovered
blogs_fortinet · 2017-05-04 · CVSS 6.1 · [MEDIUM]
FORTIGUARD LABS THREAT RESEARCH
By Zhouyuan Yang | May 04, 2017
Joomla! is one of the world's most popular content management system (CMS) solutions. It enables users to build custom Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share.
As of November 2016, Joomla! had been downloaded over 78 million times. Over 7,800 free and commercial extensions are also currently available from the official Joomla! Extension Directory, and more are available from other sources.
This year, as a FortiGuard researcher I discovered and reported two Cross-Site Scripting (XSS) vulnerabilities in Joomla!. They are identified as CVE-2017-7985 and