Vulnerabilities > Stackideas > Komento > 1.7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-01-30 | CVE-2014-1837 | Cross-Site Scripting vulnerability in Stackideas Komento Cross-site scripting (XSS) vulnerability in the StackIdeas Komento (com_komento) component before 1.7.4 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors related to "checking new comments." | 4.3 |
2014-01-30 | CVE-2014-0793 | Cross-Site Scripting vulnerability in Stackideas Komento 1.7.0/1.7.1/1.7.2 Multiple cross-site scripting (XSS) vulnerabilities in the StackIdeas Komento (com_komento) component before 1.7.3 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website or (2) latitude parameter in a comment to the default URI. | 4.3 |