Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-23800: Joomla! Developer Network

An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components.

CVE
#xss#vulnerability#js

Security Announcements

[20220308] - Core - Inadequate content filtering within the filter code

  • Project: Joomla! / Joomla! Framework
  • SubProject: CMS / filter
  • Impact: Moderate
  • Severity: Low
  • Probability: Low
  • Versions: 4.0.0 - 4.1.0
  • Exploit type: XSS
  • Reported Date: 2022-01-19
  • Fixed Date: 2022-03-29
  • CVE Number: CVE-2022-23800

Description

Inadequate content filtering leads to XSS vulnerabilities in various components.

Affected Installs

Joomla! CMS versions 4.0.0 - 4.1.0

Solution

Upgrade to version 4.1.1

Contact

The JSST at the Joomla! Security Centre.

Reported By: Sebastian Morris, pwnCTRL

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907