CVE-2017-9934 — Cross-site Scripting in Joomla !

Severity

6.1MEDIUMNVD

EPSS

0.4%

top 38.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJul 17

Latest updateMay 17

Description

Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶NVDjoomla/joomla_!75 versions+74

GHSA

GHSA-4xx9-8ghq-gmm3: Missing CSRF token checks and improper input validation in Joomla! CMS 1↗2022-05-17

▶

CVEList

CVE-2017-9934: Missing CSRF token checks and improper input validation in Joomla! CMS 1↗2017-07-17

▶