Medium Severity Vulnerabilities

Vulnerability Name	CVE CWE	CWE	Severity
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15696)	CVE-2020-15696 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24599)	CVE-2020-24599 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23124)	CVE-2021-23124 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23125)	CVE-2021-23125 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23129)	CVE-2021-23129 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23130)	CVE-2021-23130 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26030)	CVE-2021-26030 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26032)	CVE-2021-26032 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26035)	CVE-2021-26035 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26039)	CVE-2021-26039 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23796)	CVE-2022-23796 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23800)	CVE-2022-23800 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23801)	CVE-2022-23801 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27913)	CVE-2022-27913 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27914)	CVE-2022-27914 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21729)	CVE-2024-21729 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21730)	CVE-2024-21730 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21731)	CVE-2024-21731 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26278)	CVE-2024-26278 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)	CVE-2024-26279 CWE-707	CWE-707	Medium
Joomla Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2007-4190)	CVE-2007-4190 CWE-138	CWE-138	Medium
Joomla Inadequate Encryption Strength Vulnerability (CVE-2021-23126)	CVE-2021-23126 CWE-326	CWE-326	Medium
Joomla Incorrect Authorization Vulnerability (CVE-2018-17857)	CVE-2018-17857 CWE-863	CWE-863	Medium
Joomla Incorrect Authorization Vulnerability (CVE-2020-11889)	CVE-2020-11889 CWE-863	CWE-863	Medium
Joomla Incorrect Authorization Vulnerability (CVE-2020-11891)	CVE-2020-11891 CWE-863	CWE-863	Medium
Joomla Incorrect Authorization Vulnerability (CVE-2021-26027)	CVE-2021-26027 CWE-863	CWE-863	Medium
Joomla Incorrect Authorization Vulnerability (CVE-2023-23751)	CVE-2023-23751 CWE-863	CWE-863	Medium
Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2011-4912)	CVE-2011-4912 CWE-732	CWE-732	Medium
Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-15697)	CVE-2020-15697 CWE-732	CWE-732	Medium
Joomla Insufficient Session Expiration Vulnerability (CVE-2021-26037)	CVE-2021-26037 CWE-613	CWE-613	Medium
Joomla Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-15699)	CVE-2020-15699 CWE-345	CWE-345	Medium
Joomla J!Dump extension enabled	CWE-200	CWE-200	Medium
Joomla Missing Authorization Vulnerability (CVE-2019-18674)	CVE-2019-18674 CWE-862	CWE-862	Medium
Joomla Missing Authorization Vulnerability (CVE-2021-23123)	CVE-2021-23123 CWE-862	CWE-862	Medium
Joomla Other Vulnerability (CVE-2005-3771)	CVE-2005-3771		Medium
Joomla Other Vulnerability (CVE-2005-4650)	CVE-2005-4650		Medium
Joomla Other Vulnerability (CVE-2006-1027)	CVE-2006-1027		Medium
Joomla Other Vulnerability (CVE-2006-1029)	CVE-2006-1029		Medium
Joomla Other Vulnerability (CVE-2006-1030)	CVE-2006-1030		Medium
Joomla Other Vulnerability (CVE-2006-1048)	CVE-2006-1048		Medium
Joomla Other Vulnerability (CVE-2006-1956)	CVE-2006-1956		Medium
Joomla Other Vulnerability (CVE-2006-3480)	CVE-2006-3480		Medium
Joomla Other Vulnerability (CVE-2006-4473)	CVE-2006-4473		Medium
Joomla Other Vulnerability (CVE-2006-4474)	CVE-2006-4474		Medium
Joomla Other Vulnerability (CVE-2006-6834)	CVE-2006-6834		Medium
Joomla Other Vulnerability (CVE-2007-4185)	CVE-2007-4185		Medium
Joomla Other Vulnerability (CVE-2023-23752)	CVE-2023-23752		Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0114)	CVE-2006-0114 CWE-264	CWE-264	Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3226)	CVE-2008-3226 CWE-264	CWE-264	Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)	CVE-2012-1599 CWE-264	CWE-264	Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)	CVE-2012-1611 CWE-264	CWE-264	Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3056)	CVE-2013-3056 CWE-264	CWE-264	Medium
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3057)	CVE-2013-3057 CWE-264	CWE-264	Medium
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2006-4471)	CVE-2006-4471 CWE-434	CWE-434	Medium
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2011-4907)	CVE-2011-4907 CWE-434	CWE-434	Medium
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)	CVE-2017-7989 CWE-434	CWE-434	Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-5608)	CVE-2015-5608 CWE-601	CWE-601	Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24598)	CVE-2020-24598 CWE-601	CWE-601	Medium
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23798)	CVE-2022-23798 CWE-601	CWE-601	Medium
jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1942)	CVE-2013-1942 CWE-707	CWE-707	Medium
jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2022)	CVE-2013-2022 CWE-707	CWE-707	Medium
jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2023)	CVE-2013-2023 CWE-707	CWE-707	Medium
jQuery Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)	CVE-2019-11358 CWE-1321	CWE-1321	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4969)	CVE-2011-4969 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6708)	CVE-2012-6708 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-6071)	CVE-2014-6071 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9251)	CVE-2015-9251 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18405)	CVE-2018-18405 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7656)	CVE-2020-7656 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)	CVE-2020-11022 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)	CVE-2020-11023 CWE-707	CWE-707	Medium
jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23064)	CVE-2020-23064 CWE-707	CWE-707	Medium
jQuery PrettyPhoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9478)	CVE-2015-9478 CWE-707	CWE-707	Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312)	CVE-2010-5312 CWE-707	CWE-707	Medium
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)	CVE-2021-41182 CWE-707	CWE-707	Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-15696)

CVE-2020-15696

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24599)

CVE-2020-24599

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23124)

CVE-2021-23124

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23125)

CVE-2021-23125

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23129)

CVE-2021-23129

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23130)

CVE-2021-23130

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26030)

CVE-2021-26030

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26032)

CVE-2021-26032

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26035)

CVE-2021-26035

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26039)

CVE-2021-26039

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23796)

CVE-2022-23796

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23800)

CVE-2022-23800

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23801)

CVE-2022-23801

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27913)

CVE-2022-27913

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-27914)

CVE-2022-27914

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21729)

CVE-2024-21729

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21730)

CVE-2024-21730

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-21731)

CVE-2024-21731

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26278)

CVE-2024-26278

CWE-707

Medium

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26279)

CVE-2024-26279

CWE-707

Medium

Joomla Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2007-4190)

CVE-2007-4190

CWE-138

Medium

Joomla Inadequate Encryption Strength Vulnerability (CVE-2021-23126)

CVE-2021-23126

CWE-326

Medium

Joomla Incorrect Authorization Vulnerability (CVE-2018-17857)

CVE-2018-17857

CWE-863

Medium

Joomla Incorrect Authorization Vulnerability (CVE-2020-11889)

CVE-2020-11889

CWE-863

Medium

Joomla Incorrect Authorization Vulnerability (CVE-2020-11891)

CVE-2020-11891

CWE-863

Medium

Joomla Incorrect Authorization Vulnerability (CVE-2021-26027)

CVE-2021-26027

CWE-863

Medium

Joomla Incorrect Authorization Vulnerability (CVE-2023-23751)

CVE-2023-23751

CWE-863

Medium

Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2011-4912)

CVE-2011-4912

CWE-732

Medium

Joomla Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2020-15697)

CVE-2020-15697

CWE-732

Medium

Joomla Insufficient Session Expiration Vulnerability (CVE-2021-26037)

CVE-2021-26037

CWE-613

Medium

Joomla Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-15699)

CVE-2020-15699

CWE-345

Medium

Joomla J!Dump extension enabled

CWE-200

Medium

Joomla Missing Authorization Vulnerability (CVE-2019-18674)

CVE-2019-18674

CWE-862

Medium

Joomla Missing Authorization Vulnerability (CVE-2021-23123)

CVE-2021-23123

CWE-862

Medium

Joomla Other Vulnerability (CVE-2005-3771)

CVE-2005-3771

Medium

Joomla Other Vulnerability (CVE-2005-4650)

CVE-2005-4650

Medium

Joomla Other Vulnerability (CVE-2006-1027)

CVE-2006-1027

Medium

Joomla Other Vulnerability (CVE-2006-1029)

CVE-2006-1029

Medium

Joomla Other Vulnerability (CVE-2006-1030)

CVE-2006-1030

Medium

Joomla Other Vulnerability (CVE-2006-1048)

CVE-2006-1048

Medium

Joomla Other Vulnerability (CVE-2006-1956)

CVE-2006-1956

Medium

Joomla Other Vulnerability (CVE-2006-3480)

CVE-2006-3480

Medium

Joomla Other Vulnerability (CVE-2006-4473)

CVE-2006-4473

Medium

Joomla Other Vulnerability (CVE-2006-4474)

CVE-2006-4474

Medium

Joomla Other Vulnerability (CVE-2006-6834)

CVE-2006-6834

Medium

Joomla Other Vulnerability (CVE-2007-4185)

CVE-2007-4185

Medium

Joomla Other Vulnerability (CVE-2023-23752)

CVE-2023-23752

Medium

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0114)

CVE-2006-0114

CWE-264

Medium

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3226)

CVE-2008-3226

CWE-264

Medium

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1599)

CVE-2012-1599

CWE-264

Medium

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1611)

CVE-2012-1611

CWE-264

Medium

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3056)

CVE-2013-3056

CWE-264

Medium

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3057)

CVE-2013-3057

CWE-264

Medium

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2006-4471)

CVE-2006-4471

CWE-434

Medium

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2011-4907)

CVE-2011-4907

CWE-434

Medium

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)

CVE-2017-7989

CWE-434

Medium

Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-5608)

CVE-2015-5608

CWE-601

Medium

Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24598)

CVE-2020-24598

CWE-601

Medium

Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-23798)

CVE-2022-23798

CWE-601

Medium

jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1942)

CVE-2013-1942

CWE-707

Medium

jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2022)

CVE-2013-2022

CWE-707

Medium

jPlayer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-2023)

CVE-2013-2023

CWE-707

Medium

jQuery Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)

CVE-2019-11358

CWE-1321

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4969)

CVE-2011-4969

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-6708)

CVE-2012-6708

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-6071)

CVE-2014-6071

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9251)

CVE-2015-9251

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18405)

CVE-2018-18405

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7656)

CVE-2020-7656

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11022)

CVE-2020-11022

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11023)

CVE-2020-11023

CWE-707

Medium

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23064)

CVE-2020-23064

CWE-707

Medium

jQuery PrettyPhoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-9478)

CVE-2015-9478

CWE-707

Medium

jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-5312)

CVE-2010-5312

CWE-707

Medium

jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)

CVE-2021-41182

CWE-707

Medium

Medium Severity Vulnerabilities

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities