CVE-2006-3480

2006-07-1020:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

75.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.10 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters involving the (1) getUserStateFromRequest function, and the (2) SEF and (3) com_messages modules.

References

secunia.com/advisories/20874

www.joomla.org/content/view/1510/74/

www.joomla.org/content/view/1511/78/

www.osvdb.org/26913

www.osvdb.org/26917

www.osvdb.org/26918

www.securityfocus.com/bid/18742

www.vupen.com/english/advisories/2006/2608

exchange.xforce.ibmcloud.com/vulnerabilities/27521