Šarūnas Paulauskas

#15165of 53,635
17.7Total CVSS
Vulnerabilities · 3
Medium
3
PT-2021-16921
5.5
2021-03-04
Joomla · Joomla! · CVE-2021-26028
**Name of the Vulnerable Software and Affected Versions** Joomla! versions 3.0.0 through 3.9.24 **Description** An issue was discovered where extracting a specifically crafted zip package could write files outside of the intended path. **Recommendations** For Joomla! versions 3.0.0 through 3.9.24, update to a version that contains a fix for this issue.
PT-2021-15379
6.1
2021-01-12
Joomla · Joomla! · CVE-2021-23124
**Name of the Vulnerable Software and Affected Versions** Joomla! versions 3.9.0 through 3.9.23 **Description** The issue is related to a lack of escaping in the `aria-label` attribute of the `mod breadcrumbs` module, which allows XSS attacks. **Recommendations** For Joomla! versions 3.9.0 through 3.9.23, update to a version that includes the fix for this issue to prevent XSS attacks.
PT-2021-15380
6.1
2021-01-12
Joomla · Joomla! · CVE-2021-23125
**Name of the Vulnerable Software and Affected Versions** Joomla! versions 3.1.0 through 3.9.23 **Description** The issue is related to the lack of escaping of image-related parameters in multiple com tags views, which can lead to XSS attack vectors. **Recommendations** For Joomla! versions 3.1.0 through 3.9.23, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.