Description
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded entities," as demonstrated by the query string to index.php in the com_weblinks or com_content component.
Remediation
References
Related Vulnerabilities
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-16943)
WordPress Plugin Docket Cache-Object Cache Accelerator Cross-Site Scripting (21.08.01)
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-4534)
WordPress Plugin YARPP-Yet Another Related Posts PHP Object Injection (4.4)
Oracle Database Server CVE-2010-0900 Vulnerability (CVE-2010-0900)