Description
Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving "multiple encoded entities," as demonstrated by the query string to index.php in the com_weblinks or com_content component.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4285)
OpenSSL Use of Insufficiently Random Values Vulnerability (CVE-2019-1549)
WordPress Plugin AGP Font Awesome Collection Cross-Site Scripting (2.7.2)
NodeBB Arbitrary JSON File Read (CVE-2021-43788)
SharePoint Improper Input Validation Vulnerability (CVE-2020-1025)