Vulnerabilities > Joomla > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-22 | CVE-2018-6378 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager. | 6.1 |
| 2018-05-22 | CVE-2018-11328 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.7 |
| 2018-05-22 | CVE-2018-11327 | Information Exposure vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.3 |
| 2018-05-22 | CVE-2018-11326 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.8 |
| 2018-05-22 | CVE-2018-11324 | Race Condition vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 5.9 |
| 2018-05-22 | CVE-2018-11321 | Improper Input Validation vulnerability in Joomla Joomla! An issue was discovered in com_fields in Joomla! Core before 3.8.8. | 6.5 |
| 2018-01-30 | CVE-2018-6380 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system. | 6.1 |
| 2018-01-30 | CVE-2018-6379 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability. | 6.1 |
| 2018-01-30 | CVE-2018-6377 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox | 6.1 |
| 2017-11-10 | CVE-2017-16633 | Information Exposure vulnerability in Joomla Joomla! In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users. | 4.3 |