Joomla · Fabrik · CVE-2018-10727
**Name of the Vulnerable Software and Affected Versions**
Fabrik component versions prior to 3.8.1
**Description**
The issue concerns a Reflected Cross-Site Scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script via the HTTP Referer header, specifically targeting the fabrik referrer hidden field in the Fabrik component for Joomla!.
**Recommendations**
For versions prior to 3.8.1, update to version 3.8.1 or later to resolve the issue.