CVE-2017-9934
published 2017-07-17CVE-2017-9934: Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.
PriorityP427medium6.1CVSS 3.0
AVNACLPRNUIRSCCLILAN
EPSS
2.21%
80.4th percentile
Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.
Affected
75 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
| joomla | joomla_! | — | — |
CVSS provenance
nvdv3.06.1MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/99451http://www.securitytracker.com/id/1038817https://developer.joomla.org/security-centre/697-20170602-core-xss-vulnerabilityhttp://www.securityfocus.com/bid/99451http://www.securitytracker.com/id/1038817https://developer.joomla.org/security-centre/697-20170602-core-xss-vulnerability
2017-07-17
Published