Vulnerabilities > CVE-2006-4474 - Cross-Site Scripting vulnerability in Joomla 1.0.9

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

joomla

NVD

Published: 2006-08-31

Updated: 2017-07-20

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search.

Vulnerable Configurations

Part	Description	Count
Application	Joomla Joomla Joomla 1.0.9 Joomla Joomla *	2

References

http://secunia.com/advisories/21666
http://www.joomla.org/content/view/1841/78/
http://www.joomla.org/content/view/1843/74/
http://www.vupen.com/english/advisories/2006/3408
https://exchange.xforce.ibmcloud.com/vulnerabilities/28633