Description
Joomla! Core is prone to a variable injection vulnerability. Exploiting this issue may allow attackers to inject unwanted characters into returned data; other attacks with unspecified impact are also possible. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.6 are vulnerable.
Remediation
Update to Joomla! Core version 1.5.7 or latest
References
Related Vulnerabilities
WordPress Plugin Secure File Manager Arbitrary File Upload (2.9.3)
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7923)
ReviveAdserver Session Fixation Vulnerability (CVE-2017-5831)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2165)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0046)