Description

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5 through 1.5.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to the (1) com_admin component, (2) com_search component when "Gather Search Statistics" is enabled, and (3) the category view in the com_content component.

Remediation

References

CVE-2009-1279

Related Vulnerabilities

WordPress Plugin 3D Flick Slideshow 'upload.php' Arbitrary File Upload (2.1)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14594)

Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690 )

WordPress Plugin AMP for WP-Accelerated Mobile Pages Multiple Unspecified Vulnerabilities (0.9.72)

PmWiki Other Vulnerability (CVE-2006-2840)

Severity

Low

Classification

CVE-2009-1279 CWE-707

Tags

Missing Update Known Vulnerabilities