Description
In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.
Remediation
References
Related Vulnerabilities
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5317)
WordPress Plugin Playbuzz Cross-Site Scripting (0.8.1)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5288)
WordPress Plugin Premmerce Wishlist for WooCommerce Security Bypass (1.1.2)