Stackideas Komento vulnerabilities
3 known vulnerabilities affecting stackideas/komento.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2014-0793P4MEDIUMCVSS 4.3PoC≤ 1.7.2v1.7.0+1 more2014-01-30
CVE-2014-0793 [MEDIUM] CWE-79 CVE-2014-0793: Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) componen
Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI.
nvd
CVE-2015-7324P4MEDIUMCVSS 6.1fixed in 2.0.52017-12-27
CVE-2015-7324 [MEDIUM] CWE-79 CVE-2015-7324: Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento
Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment.
nvd
CVE-2014-1837P4MEDIUMCVSS 4.3≤ 1.7.3v1.7.0+2 more2014-01-30
CVE-2014-1837 [MEDIUM] CWE-79 CVE-2014-1837: Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.
Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related to "checking new comments."
nvd