Joomla: >> Joomla! >> 3.0.1 Security Vulnerabilities
An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XSS vulnerability.
CVSS Score
6.1
EPSS Score
0.008
Published
2021-07-07
An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors.
CVSS Score
6.1
EPSS Score
0.007
Published
2021-05-26
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.
CVSS Score
6.5
EPSS Score
0.0
Published
2021-05-26
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.
CVSS Score
6.5
EPSS Score
0.0
Published
2021-05-26
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page
CVSS Score
6.1
EPSS Score
0.093
Published
2021-04-14
An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-04-14
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of messages showed to users that could lead to xss issues.
CVSS Score
6.1
EPSS Score
0.009
Published
2021-03-04
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of feed fields could lead to xss issues.
CVSS Score
6.1
EPSS Score
0.009
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads
CVSS Score
7.5
EPSS Score
0.586
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-03-04