Description

Cross-site scripting (XSS) vulnerability in Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2014-7982

Related Vulnerabilities

ownCloud Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2013-2039)

Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9)

WordPress Plugin WP Statistics Cross-Site Scripting (12.6.3)

WordPress Plugin Multi Rating Multiple Vulnerabilities (5.0.5)

WordPress Plugin Calendar Multiple Cross-Site Scripting Vulnerabilities (1.2.1)

Severity

Medium

Classification

CVE-2014-7982 CWE-707

Tags

Missing Update Known Vulnerabilities