Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJoomlaCVELIST:CVE-2024-26278
HistoryJul 09, 2024 - 4:15 p.m.

CVE-2024-26278 [20240705] - Core - XSS in com_fields default field value

2024-07-0916:15:44
CWE-79
Joomla
www.cve.org
2
custom fields
xss vector
input filtering

EPSS

0.001

Percentile

26.1%

JSON

The Custom Fields component not correctly filter inputs, leading to a XSS vector.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Joomla! CMS",
    "vendor": "Joomla! Project",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.0-3.10.15"
      },
      {
        "status": "affected",
        "version": "4.0.0-4.4.5"
      },
      {
        "status": "affected",
        "version": "5.0.0-5.1.1"
      }
    ]
  }
]

Related

osv 1
joomla 1
vulnrichment 1
nvd 1
cve 1
openvas 1
nessus 4
osv
osv
CVE-2024-26278
2024-07-09 17:15:14
joomla
joomla
[20240705] - Core - XSS in com_fields default field value
2024-06-09 00:00:00
vulnrichment
vulnrichment
CVE-2024-26278 [20240705] - Core - XSS in com_fields default field value
2024-07-09 16:15:44
nvd
nvd
CVE-2024-26278
2024-07-09 17:15:14
cve
cve
CVE-2024-26278
2024-07-09 17:15:14
openvas
openvas
Joomla! Multiple XSS Vulnerabilities (20240703, 20240704)
2024-07-10 00:00:00
nessus
nessus
Joomla 3.0.x < 3.10.16 / 4.0.x < 4.4.6 / 5.0.x < 5.1.2 Multiple Vulnerabilities (5909-joomla-5-1-2-and-joomla-4-4-6-security-and-bug-fix-release)
2024-07-09 00:00:00
Joomla! 4.x < 4.4.6 Multiple Vulnerabilities
2024-07-18 00:00:00
Joomla! 5.x < 5.1.2 Multiple Vulnerabilities
2024-07-18 00:00:00

EPSS

0.001

Percentile

26.1%

JSON
Related for CVELIST:CVE-2024-26278
osv1joomla1vulnrichment1nvd1cve1openvas1nessus4