Description

An issue was discovered in Joomla! before 3.9.3. A combination of specific web server configurations, in connection with specific file types and browser-side MIME-type sniffing, causes an XSS attack vector.

Remediation

References

CVE-2019-7742

Related Vulnerabilities

Zope Web Application Server Other Vulnerability (CVE-2000-0725)

WordPress Plugin Zedna eBook download Directory Traversal (1.1)

WordPress Plugin Facebook Page Photo Gallery Cross-Site Scripting (2.0.9)

WordPress Plugin FluentAuth-The Ultimate Authorization & Security for WordPress Security Bypass (1.0.1)

phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1285)

Severity

Medium

Classification

CVE-2019-7742 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities