Description
Cross-site scripting (XSS) vulnerability in modules/mod_languages/tmpl/default.php in the Language Switcher module for Joomla! 2.5.x before 2.5.7 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1184)
WordPress Plugin Ceceppa Multilingua Multiple Cross-Site Scripting Vulnerabilities (1.5.13)
WordPress Plugin Live Chat Unlimited Cross-Site Scripting (2.8.3)
MySQL CVE-2019-2681 Vulnerability (CVE-2019-2681)
MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9410)