Joomla: >> Joomla! >> 3.10.10 Security Vulnerabilities
Lack of output escaping leads to a XSS vector in the multilingual associations component.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-04-01
Lack of output escaping for article titles leads to XSS vectors in various locations.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-04-01
Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-04-01
An improper access check allows unauthorized access to webservice endpoints.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-04-01
The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-04-01
Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-04-01
Lack of output escaping leads to a XSS vector in the pagebreak plugin.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-01-06
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-07-09
Page 1