Description

Joomla! Core is prone to a spam vulnerability. Exploiting this issue may allow attackers to send spam through the affected website. Joomla! Core version 1.6.0 is vulnerable.

Remediation

Update to Joomla! Core version 1.6.1 or latest

References

http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=24288

https://www.exploit-db.com/exploits/15979/

https://www.joomla.org/announcements/release-news/5350-joomla-161-released.html

Related Vulnerabilities

Apache Tomcat Other Vulnerability (CVE-2002-0682)

WordPress Plugin Login with phone number Cross-Site Scripting (1.4.1)

WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (1.0.3)

Java Unspesificed Vulnerability (CVE-2018-3183)

Nexus Repository Manager Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2021-43961)

Severity

High

Classification

CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update