Joomla! CMS Multiple Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

This host is running Joomla and is prone to multiple cross site scripting vulnerabilities.

Impact

Successful exploitation will let attackers to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Impact Level: Application.

Solution

Upgrade to Joomla CMS 1.6.4 or later For updates refer to http://www.joomla.org/

Insight

The flaws are caused by improper validation of user-supplied input via the 'Itemid' and 'filter_order' parameters in 'index.php', before being returned to the user.

Affected

Joomla CMS version 1.6.3 and prior.

References

http://secunia.com/advisories/45094

Updated on 2017-03-28

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities
Apache mod_proxy_ajp Information Disclosure Vulnerability
Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
Apache Struts2 showcase namespace XSS Vulnerability
AlienForm CGI script

Take action and discover your vulnerabilities