Lucene search
JoomlaCVE-2022-27914HistoryNov 08, 2022 - 7:15 p.m.
CVE-2022-27914
2022-11-0819:15:11
CWE-79
Joomla
web.nvd.nist.gov
37
4
cve-2022-27914
joomla
xss
com_media
security vulnerability
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.1
Confidence
High
EPSS
0.003
Percentile
65.1%
An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.
Affected configurations
Node
joomlajoomla\!Range4.0.0–4.2.5
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.2.4"
}
]
}
]Social References
More
Related
prion
prion
Cross site scripting
2022-11-08 19:15:00
cvelist
cvelist
joomla
joomla
[20221101] - Core - RXSS through reflection of user input in com_media
2022-10-28 00:00:00
nvd
nvd
CVE-2022-27914
2022-11-08 19:15:11
nessus
nessus
osv
osv
CVE-2022-27914
2022-11-08 19:15:11
openvas
openvas
Joomla! 4.0.0 - 4.2.4 XSS Vulnerability
2022-11-10 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6.1
Confidence
High
EPSS
0.003
Percentile
65.1%
Related for CVE-2022-27914