Description
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."
Remediation
References
Related Vulnerabilities
Envoy Proxy Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-8660)
Ruby Numeric Errors Vulnerability (CVE-2008-2376)
WordPress Plugin DM Albums File Dislosure (1.9.2)
WordPress Plugin MAZ Loader-Preloader Builder for WordPress Cross-Site Request Forgery (1.4.0)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8656)