Description
An issue was discovered in Joomla! before 3.9.21. Lack of escaping in mod_latestactions allows XSS attacks.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2014-6578 Vulnerability (CVE-2014-6578)
WordPress Plugin Affiliate Power-Sales Tracking for Affiliate Marketers Cross-Site Scripting (2.2.0)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-1318)
WordPress Plugin Easy Forms for MailChimp Local File Inclusion (6.0.5.5)
WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.0)