Show filters
389 Total Results
Displaying 21-30 of 389
Sort by:
Attacker Value
Unknown

CVE-2024-26278

Disclosure Date: July 09, 2024 (last updated July 20, 2024)
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-21731

Disclosure Date: July 09, 2024 (last updated August 17, 2024)
Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-21730

Disclosure Date: July 09, 2024 (last updated August 17, 2024)
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-21729

Disclosure Date: July 09, 2024 (last updated August 17, 2024)
Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-32788

Disclosure Date: April 24, 2024 (last updated April 24, 2024)
Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Joomla to WordPress.This issue affects FG Joomla to WordPress: from n/a through 4.20.2.
0
0
Attacker Value
Unknown

CVE-2024-21726

Disclosure Date: February 29, 2024 (last updated February 29, 2024)
Inadequate content filtering leads to XSS vulnerabilities in various components.
0
0
Attacker Value
Unknown

CVE-2024-21725

Disclosure Date: February 29, 2024 (last updated February 29, 2024)
Inadequate escaping of mail addresses lead to XSS vulnerabilities in various components.
0
0
Attacker Value
Unknown

CVE-2024-21724

Disclosure Date: February 29, 2024 (last updated February 15, 2025)
Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2024-21723

Disclosure Date: February 29, 2024 (last updated February 29, 2024)
Inadequate parsing of URLs could result into an open redirect.
0
0
Attacker Value
Unknown

CVE-2024-21722

Disclosure Date: February 29, 2024 (last updated February 29, 2024)
The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
0
0
View More Topics  < Previous  Next >