Description
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy SVG Support Cross-Site Scripting (3.2.0)
Atlassian Confluence Missing Authorization Vulnerability (CVE-2019-15005)
MySQL CVE-2016-0606 Vulnerability (CVE-2016-0606)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-35480)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0165)