Product:

Joomla\!

(Joomla)
Repositories https://github.com/joomla/joomla-cms
#Vulnerabilities 259
Date Id Summary Products Score Patch Annotated
2022-10-25 CVE-2022-27913 An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components. Joomla\! 6.1
2022-11-08 CVE-2022-27914 An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media. Joomla\! 6.1
2023-02-01 CVE-2023-23750 An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages. Joomla\! 6.3
2023-02-01 CVE-2023-23751 An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs. Joomla\! 4.3
2023-02-16 CVE-2023-23752 An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. Joomla\! 5.3
2023-11-29 CVE-2023-40626 The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information. Joomla\! 7.5
2024-07-09 CVE-2024-21729 Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field. Joomla\! 6.1
2024-07-09 CVE-2024-21730 The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector. Joomla\! 5.4
2024-07-09 CVE-2024-21731 Improper handling of input could lead to an XSS vector in the StringHelper::truncate method. Joomla\! 6.1
2024-07-09 CVE-2024-26278 The Custom Fields component not correctly filter inputs, leading to a XSS vector. Joomla\! 6.1