Description

Cross-site scripting (XSS) vulnerability in the administrator panel in the com_users core component for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2009-1940

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Quick View Security Bypass (1.3.13)

RubyGems Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8322)

WordPress Plugin FeedWordPress Multiple Vulnerabilities (2015.0426)

WordPress Plugin Floating Social Media Links 'wpp' Parameter Multiple Remote File Include Vulnerabilities (1.4.2)

WordPress Plugin AdPlugg WordPress Ad Cross-Site Scripting (1.1.33)

Severity

Medium

Classification

CVE-2009-1940 CWE-707

Tags

Missing Update Known Vulnerabilities