Description
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate validation of URLs could result into an invalid check whether an redirect URL is internal or not.
Remediation
References
Related Vulnerabilities
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5492)
WordPress Plugin WP App Maker Cross-Site Scripting (1.0.16.4)
WordPress Plugin Modula Image Gallery Cross-Site Scripting (1.3.5)
WordPress Plugin Advanced File Manager Directory Traversal (5.1)
WordPress Plugin Gallery by BestWebSoft 'php.php' Arbitrary File Upload (3.06)