Description
An issue was discovered in Joomla! before 3.9.4. The media form field lacks escaping, leading to XSS.
Remediation
References
Related Vulnerabilities
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.7)
Moodle Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-3625)
WordPress Plugin VaultPress Remote Code Execution (1.9.0)
WordPress Plugin Affiliate Ads for Clickbank Products Cross-Site Scripting (1.6)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-15110)