PT-2018-11346 · Joomla · Joomla!
Borja Lorenzo
·
Publicado
2018-06-26
·
Atualizado
2018-08-20
·
CVE-2018-12711
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Joomla! versions 1.6.0 through 3.8.8
Description
A cross-site scripting (XSS) issue was found in the language switcher module. The link of the current language may contain unescaped HTML special characters, potentially leading to reflective XSS via injection of arbitrary parameters and/or values on the current page URL.
Recommendations
For Joomla! versions 1.6.0 through 3.8.8, update to version 3.8.9 or later to resolve the issue.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Joomla!