Description
In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users.
Remediation
References
Related Vulnerabilities
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.5)
WordPress Plugin Slideshow Pro 'upload.php' Arbitrary File Upload (2.1)
WordPress Plugin Analytics Stats Counter Statistics PHP Object Injection (1.2.2.5)
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-39112)