Description
An issue was discovered in Joomla! before 3.9.7. The subform fieldtype does not sufficiently filter or validate input of subfields. This leads to XSS attack vectors.
Remediation
References
Related Vulnerabilities
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2018-10237)
PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-5424)
WordPress Plugin YITH WooCommerce PDF Invoice and Shipping List Security Bypass (1.2.12)