Description

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."

Remediation

References

CVE-2008-6299

Related Vulnerabilities

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2355)

WordPress Plugin Web to Print Online Designer Security Bypass (2.3.0)

WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (4.6.12)

WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.10.3)

WordPress Plugin LearnPress-WordPress LMS Security Bypass (3.2.6.6)

Severity

Low

Classification

CVE-2008-6299 CWE-707

Tags

Missing Update Known Vulnerabilities