Description
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Section Name form fields in the Section Manager component, or (3) multiple unspecified fields in New Menu Item.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Custom Fields (ACF) 'acf_abspath' Parameter Remote File Include (3.5.1)
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.6)
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-2505)
Apache HTTP Server CVE-2012-0053 Vulnerability (CVE-2012-0053)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2020-11057)