Product:

Joomla\!

(Joomla)
Repositories https://github.com/joomla/joomla-cms
#Vulnerabilities 260
Date Id Summary Products Score Patch Annotated
2024-02-29 CVE-2024-21724 Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions. Joomla\! 6.1
2023-02-16 CVE-2023-23752 An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. Joomla\! 5.3
2005-12-31 CVE-2005-4650 Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots. Joomla\! N/A
2023-05-30 CVE-2023-23754 An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen. Joomla\! 6.1
2023-05-30 CVE-2023-23755 An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods. Joomla\! 7.5
2020-01-28 CVE-2020-8419 An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities. Joomla\! 8.8
2020-01-28 CVE-2020-8420 An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability. Joomla\! 8.8
2020-01-28 CVE-2020-8421 An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in com_actionlogs. Joomla\! 6.1
2020-06-02 CVE-2020-13760 In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF. Joomla\! 8.8
2020-06-02 CVE-2020-13761 In Joomla! before 3.9.19, lack of input validation in the heading tag option of the "Articles - Newsflash" and "Articles - Categories" modules allows XSS. Joomla\! 6.1