Description
In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates.
Remediation
References
Related Vulnerabilities
Internet Information Services Other Vulnerability (CVE-2001-0709)
MySQL CVE-2014-4238 Vulnerability (CVE-2014-4238)
WordPress 3.7.x Cross-Domain Flash Injection Vulnerability (3.7 - 3.7.24)
WordPress Plugin Light Messages Cross-Site Request Forgery (1.0)
WordPress Plugin Podlove Subscribe button Multiple Vulnerabilities (1.3.7)