Description

Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

Remediation

References

CVE-2012-2413

Related Vulnerabilities

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.6.21)

Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.25)

Oracle Database Server CVE-2023-22075 Vulnerability (CVE-2023-22075)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-2891)

WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0)

Severity

Medium

Classification

CVE-2012-2413 CWE-707

Tags

Missing Update Known Vulnerabilities