Description

The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags.

Remediation

References

CVE-2006-1029

Related Vulnerabilities

WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Local File Inclusion (1.3.6.2)

WordPress Plugin Responsive Lightbox2 Cross-Site Scripting (1.0.2)

Liferay Portal Observable Discrepancy Vulnerability (CVE-2024-26268)

Internet Information Services Other Vulnerability (CVE-2000-1104)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4029)

Severity

Medium

Classification

CVE-2006-1029

Tags

Missing Update Known Vulnerabilities