CVE-2019-6262 — Cross-site Scripting in Joomla !

Severity

5.4MEDIUMNVD

EPSS

0.0%

top 95.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedJan 16

Latest updateMay 14

Description

An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS.

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

▶NVDjoomla/joomla_!2.5.0 — 3.9.2

GHSA

GHSA-wjw3-7mw5-4gm4: An issue was discovered in Joomla! before 3↗2022-05-14

▶

CVEList

CVE-2019-6262: An issue was discovered in Joomla! before 3↗2019-01-16

▶

Bugzilla

CVE-2019-18835 matrix-synapse: mishandles signature checking on some federation APIs↗2019-11-08

▶