Description An issue was discovered in Joomla! before 3.9.21. Lack of escaping in mod_latestactions allows XSS attacks. Remediation References CVE-2020-24599 Related Vulnerabilities WordPress Plugin Zedna Contact form Directory Traversal (1.1) WordPress Plugin Data Tables Generator by Supsystic Security Bypass (1.10.25) ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5056) WordPress Plugin The Events Calendar Unspecified Vulnerability (4.0.4) WordPress Plugin Easy Plugin for AdSense Cross-Site Request Forgery (6.06) Severity Medium Classification CVE-2020-24599 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities