Description
An issue was discovered in Joomla! Core before 3.8.8. Inadequate input filtering leads to a multiple XSS vulnerabilities. Additionally, the default filtering settings could potentially allow users of the default Administrator user group to perform a XSS attack.
Remediation
References
Related Vulnerabilities
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple HTML Injection Vulnerabilities (1.9.0)
WordPress 4.4 Cross-Site Scripting Vulnerability (4.4)
Apache HTTP Server Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-6420)
WordPress Plugin Verify Google Webmaster Tools Unspecified Vulnerability (1.3)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.7.0 - 3.9.18)