PT-2021-16923 · Joomla · Joomla!

Hoang Nguyen

Published

2021-04-14

Updated

2025-04-03

CVE-2021-26030

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Joomla! versions 3.0.0 through 3.9.25

Description An issue was discovered that allows XSS attacks due to inadequate escaping. This is possible using the logo parameter of the default templates on the error page.

Recommendations For Joomla! versions 3.0.0 through 3.9.25, update to a version that contains a fix for this issue to prevent XSS attacks.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BIT-JOOMLA-2021-26030

CVE-2021-26030

Affected Products

Joomla!

PT-2021-16923 · Joomla · Joomla!

CVE-2021-26030

Weakness Enumeration

Related Identifiers

Affected Products

References · 4