Vulnerabilities > Joomla

DATE CVE VULNERABILITY TITLE RISK
2024-07-09 CVE-2024-21729 Cross-site Scripting vulnerability in Joomla Joomla!
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.
network
low complexity
joomla CWE-79
6.1
2024-07-09 CVE-2024-21730 Cross-site Scripting vulnerability in Joomla Joomla!
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
network
low complexity
joomla CWE-79
5.4
2024-07-09 CVE-2024-21731 Cross-site Scripting vulnerability in Joomla Joomla!
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
network
low complexity
joomla CWE-79
6.1
2024-07-09 CVE-2024-26278 Cross-site Scripting vulnerability in Joomla Joomla!
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
network
low complexity
joomla CWE-79
6.1
2024-07-09 CVE-2024-26279 Cross-site Scripting vulnerability in Joomla Joomla!
The wrapper extensions do not correctly validate inputs, leading to XSS vectors.
network
low complexity
joomla CWE-79
6.1
2023-11-29 CVE-2023-40626 Unspecified vulnerability in Joomla Joomla!
The language file parsing process could be manipulated to expose environment variables.
network
low complexity
joomla
7.5
2023-05-30 CVE-2023-23754 Open Redirect vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 4.2.0 through 4.3.1.
network
low complexity
joomla CWE-601
6.1
2023-05-30 CVE-2023-23755 Improper Restriction of Excessive Authentication Attempts vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 4.2.0 through 4.3.1.
network
low complexity
joomla CWE-307
7.5
2023-02-16 CVE-2023-23752 Unspecified vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 4.0.0 through 4.2.7.
network
low complexity
joomla
5.3
2023-02-01 CVE-2023-23750 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 4.0.0 through 4.2.6.
network
low complexity
joomla CWE-352
6.3