Vulnerabilities > Joomla > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2020-10242 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.16. | 6.1 |
| 2020-03-16 | CVE-2020-10240 | Improper Input Validation vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.16. | 5.3 |
| 2020-02-04 | CVE-2011-4912 | Incorrect Permission Assignment for Critical Resource vulnerability in Joomla Joomla! Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass. | 5.3 |
| 2020-01-28 | CVE-2020-8421 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.15. | 6.1 |
| 2020-01-22 | CVE-2011-3595 | Cross-site Scripting vulnerability in Joomla Joomla! Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters. | 5.4 |
| 2020-01-15 | CVE-2011-4907 | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! Joomla! 1.5x through 1.5.12: Missing JEXEC Check | 5.3 |
| 2019-12-18 | CVE-2019-19845 | Path Traversal vulnerability in Joomla Joomla! In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | 5.3 |
| 2019-11-06 | CVE-2019-18674 | Missing Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.13. | 5.3 |
| 2019-09-24 | CVE-2019-16725 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates. | 6.1 |
| 2019-08-14 | CVE-2019-15028 | Unspecified vulnerability in Joomla Joomla! In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. | 5.3 |