Description
In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager.
Remediation
References
Related Vulnerabilities
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2009-1387)
WordPress Plugin Nextend Twitter Connect Cross-Site Scripting (1.5.1)
WordPress Plugin Brizy-Page Builder Security Bypass (1.0.125)
WordPress Improper Input Validation Vulnerability (CVE-2013-4339)
ZenCart Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0697)