Description

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.

Remediation

References

CVE-2008-4105

Related Vulnerabilities

WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk Cross-Site Scripting (5.113)

Joomla CVE-2012-0819 Vulnerability (CVE-2012-0819)

Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0825)

WordPress Plugin Slack-Chat Information Disclosure (1.5.5)

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-12308)

Severity

High

Classification

CVE-2008-4105 CWE-20

Tags

Missing Update Known Vulnerabilities