Description An issue was discovered in Joomla! before 3.9.4. The media form field lacks escaping, leading to XSS. Remediation References CVE-2019-9714 Related Vulnerabilities PHP Out-of-bounds Read Vulnerability (CVE-2019-11034) LimeSurvey CVE-2009-1604 Vulnerability (CVE-2009-1604) MySQL CVE-2021-2065 Vulnerability (CVE-2021-2065) WordPress Directory Traversal (3.7 - 5.0.3) Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562) Severity Medium Classification CVE-2019-9714 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities