PT-2017-17854 · Joomla+1 · Smart Related Articles+1

Publicado

2017-04-13

Atualizado

2017-04-20

CVE-2017-7626

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Joomla "Smart related articles" extension version 1.1

Description The issue concerns a XSS problem in the dialog.php file of the "Smart related articles" extension for Joomla, specifically affecting the n art and type variables in the GET Method.

Recommendations For version 1.1 of the "Smart related articles" extension, consider disabling the dialog.php file or restricting access to it until a patch is available. Avoid using the n art and type variables in the GET Method of the dialog.php file until the issue is resolved.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2017-7626

Produtos afetados

Joomla!

Smart Related Articles

PT-2017-17854 · Joomla+1 · Smart Related Articles+1

CVE-2017-7626

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5