Summary
This host is running Joomla and is prone to multiple cross-site scripting vulnerabilities.
Impact
Successful exploitation will let attackers to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
Impact Level: Application.
Solution
Upgrade Joomla! version to 1.6.1 or later.
For updates refer to http://www.joomla.org
Insight
The flaw is caused by an input validation error in the Query String Parameter in 'index.php' when processing user-supplied data, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected site.
Affected
Joomla! version 1.6.0
References
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- AjaXplorer Remote Command Injection and Local File Disclosure Vulnerabilities
- 1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- Adobe BlazeDS XML and XML External Entity Injection Vulnerabilities
- A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability