Summary
This host is running Joomla and is prone to xss vulnerability.
Impact
Successful exploitation will allow remote attacker to execute arbitrary HTML or script code or discloses sensitive information resulting in loss of confidentiality.
Impact Level: Application
Solution
Upgrade to version 3.2.0 or later,
For updates refer to http://www.joomla.org/download.html
Insight
Input passed via 'lang' parameter to 'libraries/idna_convert/example.php' is not properly sanitised before being returned to the user.
Affected
Joomla versions 3.1.5 and prior
Detection
Send a crafted data via HTTP GET request and check whether it is able to read cookie or not.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- AbanteCart Multiple Cross-Site Scripting Vulnerabilities
- Apache Struts2/XWork Remote Command Execution Vulnerability
- Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
- APC PowerChute Network Shutdown 'security/applet' Cross Site Scripting Vulnerability
- AjaXplorer 'doc_file' Parameter Local File Disclosure Vulnerability