Description An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media. Remediation References CVE-2022-23801 Related Vulnerabilities WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Arbitrary File Upload (1.0.83) PHP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-2665) Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-10513) WordPress Plugin Easy Testimonials Cross-Site Scripting (1.36.1) OpenSSL Other Vulnerability (CVE-2007-3108) Severity Medium Classification CVE-2022-23801 CWE-707 Tags Missing Update Known Vulnerabilities