Description
An issue was discovered in Joomla! before 3.9.4. The media form field lacks escaping, leading to XSS.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Insertion of Sensitive Information into Log File Vulnerability (CVE-2001-1556)
PHP Improper Input Validation Vulnerability (CVE-2009-3291)
WordPress 5.3.x Prototype Pollution (5.3 - 5.3.11)
MediaWiki Release of Invalid Pointer or Reference Vulnerability (CVE-2022-28203)
WordPress Plugin LittleBot ACH for Stripe + Plaid Unspecified Vulnerability (1.2.6)