Description
The cross-site scripting (XSS) countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "<<>AAA<><>", possibly due to nested or empty tags.
Remediation
References
Related Vulnerabilities
Liferay Portal Missing Authorization Vulnerability (CVE-2022-38512)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-21650)
WordPress Plugin Prevent files/folders access Cross-Site Request Forgery (1.1.1)
WordPress Plugin Jigoshop-Store Toolkit Privilege Escalation (1.3.7)