5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.037 Low
EPSS
Percentile
91.7%
The JSST and the Joomla! Security Center report:
[20130405] - Core - XSS Vulnerability
Inadequate filtering leads to XSS vulnerability in Voting plugin.
[20130403] - Core - XSS Vulnerability
Inadequate filtering allows possibility of XSS exploit in some
circumstances.
[20130402] - Core - Information Disclosure
Inadequate permission checking allows unauthorised user to see
permission settings in some circumstances.
[20130404] - Core - XSS Vulnerability
Use of old version of Flash-based file uploader leads to XSS
vulnerability.
[20130401] - Core - Privilege Escalation
Inadequate permission checking allows unauthorised user to delete
private messages.
[20130406] - Core - DOS Vulnerability
Object unserialize method leads to possible denial of service
vulnerability.
[20130407] - Core - XSS Vulnerability
Inadequate filtering leads to XSS vulnerability in highlighter
plugin