Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Improper Preservation of Permissions Vulnerability (CVE-2020-13763)

Description

In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users.

Remediation

References

Related Vulnerabilities

Oracle Application Server CVE-2008-4014 Vulnerability (CVE-2008-4014)

WordPress Plugin NEX-Forms Lite-WordPress Contact Form builder Cross-Site Scripting (2.1.0)

WordPress Plugin Online Hotel Booking System Pro Cross-Site Scripting (1.1)

WordPress Plugin WP-Invoice-Web Invoice and Billing Multiple Vulnerabilities (4.1.0)

WordPress Plugin Simple Giveaways-Grow your business, email lists and traffic with contests Cross-Site Scripting (2.36.0)

Severity

High

Classification

CVE-2020-13763 CWE-281 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities