CVE-2023-54363

Name of the Vulnerable Software and Affected Versions Joomla Solidres version 2.13.3

Description Joomla Solidres 2.13.3 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts. Attackers can manipulate multiple GET parameters, including show, reviews, type id, distance, facilities, categories, prices, location, and Itemid, to craft malicious URLs containing JavaScript payloads. When victims visit these crafted links, attackers can potentially steal session tokens, login credentials, or manipulate site content.

Recommendations Update Joomla Solidres to a newer version that contains a fix for this vulnerability.