Description
An issue was discovered in Joomla! before 3.9.7. The subform fieldtype does not sufficiently filter or validate input of subfields. This leads to XSS attack vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sitesassure WP Malware Scanner Cross-Site Scripting (1.0.1)
WordPress Plugin WPGraphQL Security Bypass (0.2.3)
Envoy Proxy Improper Certificate Validation Vulnerability (CVE-2022-21656)
OpenSSL Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3207)
MySQL Insufficiently Protected Credentials Vulnerability (CVE-2012-5627)