Mario Korth

**Name of the Vulnerable Software and Affected Versions** soerennb eXtplorer versions 2.1.12 and earlier **Description** A problem has been found in soerennb eXtplorer that allows for cross-site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component to address this issue. **Recommendations** For soerennb eXtplorer versions 2.1.12 and earlier, upgrade to version 2.1.13 to address this issue. As a temporary workaround, consider restricting access to components that may be affected by the cross-site scripting vulnerability until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** Joomla! versions prior to 3.9.4 **Description** An issue was discovered that lacks input validation in the JSON handler of com config, leading to XSS. **Recommendations** For versions prior to 3.9.4, update to version 3.9.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Joomla! versions prior to 3.9.2 **Description** An issue was discovered that allows stored XSS due to inadequate checks of the Global Configuration helpurl settings. **Recommendations** For versions prior to 3.9.2, update to version 3.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the Global Configuration helpurl settings until a patch is applied.