WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)

Description

The wrapper extensions do not correctly validate inputs, leading to XSS vectors.

Remediation

References

Related Vulnerabilities

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2324)

WordPress Plugin WP-PostRatings SQL Injection (1.83.1)

WordPress 5.5.x Multiple Vulnerabilities (5.5 - 5.5.9)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0216)

WordPress Plugin Advanced Contact form 7 DB SQL Injection (1.6.1)

Severity

Medium

Classification

CVE-2024-26279 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities