Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-6377)

Description

In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox

Remediation

References

CVE-2018-6377

Related Vulnerabilities

WordPress Plugin Integration for Contact Form 7 and Constant Contact Cross-Site Scripting (1.0.8)

WordPress Plugin Controlled Admin Access Security Bypass (1.5.5)

Claroline Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-3260)

WordPress Plugin zM Ajax Login & Register Multiple Vulnerabilities (1.0.9)

WordPress Plugin Swipe Checkout for eShop Cross-Site Scripting (3.7.0)

Severity

Medium

Classification

CVE-2018-6377 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities