Vulnerabilities > Stackideas > Komento
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-27 | CVE-2015-7324 | Cross-site Scripting vulnerability in Stackideas Komento Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment. | 4.3 |
| 2014-01-30 | CVE-2014-1837 | Cross-Site Scripting vulnerability in Stackideas Komento Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related to "checking new comments." | 4.3 |
| 2014-01-30 | CVE-2014-0793 | Cross-Site Scripting vulnerability in Stackideas Komento 1.7.0/1.7.1/1.7.2 Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI. | 4.3 |