Description
An issue was discovered in Joomla! before 3.9.7. The subform fieldtype does not sufficiently filter or validate input of subfields. This leads to XSS attack vectors.
Remediation
References
Related Vulnerabilities
Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-9540)
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.10)
WordPress Plugin Facebook Page Photo Gallery Cross-Site Scripting (2.0.9)
WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Unspecified Vulnerability (1.53)
WordPress Plugin Spectra-WordPress Gutenberg Blocks Multiple Security Bypass Vulnerabilities (2.3.0)