Summary
This host is installed with Joomla! component SMF and is prone to cross site scripting vulnerability.
Impact
Successful exploitation will allow remote attackers to execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.
Impact Level: Application
Solution
No solution or patch is available as of 9th February, 2015. Information regarding this issue will updated once the solution details are available.
For updates refer to http://www.joomla.org
Insight
The flaw is due to insufficient validation of 'itemid' HTTP GET parameter passed to 'index.php' script.
Affected
SMF Component for Joomla
Detection
Send a crafted data via HTTP GET request and check whether it is possible to read a given string.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Allegro RomPager HTTP Referer Header Cross Site Scripting Vulnerability
- Apache CouchDB Cross Site Request Forgery Vulnerability
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- Apache Tomcat NIO Connector Denial of Service Vulnerability
- Apache Struts Cross Site Scripting Vulnerability