Description

Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.

Remediation

References

CVE-2008-3228

Related Vulnerabilities

Oracle Application Server Other Vulnerability (CVE-2005-3451)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Cross-Site Scripting (7.1.17)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-38269)

WordPress Plugin Customify-Intuitive Website Styling Cross-Site Request Forgery (2.10.4)

WordPress Plugin Complianz-GDPR/CCPA Cookie Consent Cross-Site Scripting (5.5.2)

Severity

High

Classification

CVE-2008-3228

Tags

Missing Update Known Vulnerabilities