{"id": "OPENVAS:1361412562310812681", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Joomla! 'Uri' class XSS Vulnerability", "description": "This host is running Joomla and is prone to a cross-site scripting (XSS)\nvulnerability. Note that the check relies only on the detected Joomla version and does not test for the issue itself.", "published": "2018-01-31T00:00:00", "modified": "2019-07-05T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310812681", "reporter": "Copyright (C) 2018 Greenbone Networks GmbH", "references": ["https://developer.joomla.org/security-centre/721-20180104-core-xss-vulnerability.html"], "cvelist": ["CVE-2018-6379"], "immutableFields": [], "lastseen": "2019-07-17T14:09:56", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-6379"]}, {"type": "joomla", "idList": ["JOOMLA-721"]}, {"type": "nessus", "idList": ["JOOMLA_384.NASL", "WEB_APPLICATION_SCANNING_98476", "WEB_APPLICATION_SCANNING_98477", "WEB_APPLICATION_SCANNING_98478", "WEB_APPLICATION_SCANNING_98479", "WEB_APPLICATION_SCANNING_98480", "WEB_APPLICATION_SCANNING_98481", "WEB_APPLICATION_SCANNING_98482", "WEB_APPLICATION_SCANNING_98483", "WEB_APPLICATION_SCANNING_98484", "WEB_APPLICATION_SCANNING_98485", "WEB_APPLICATION_SCANNING_98486", "WEB_APPLICATION_SCANNING_98487", "WEB_APPLICATION_SCANNING_98488"]}]}, "score": {"value": 7.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2018-6379"]}, {"type": "joomla", "idList": ["JOOMLA-721"]}, {"type": "nessus", "idList": ["JOOMLA_DETECT.NASL"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-6379", "epss": "0.065430000", "percentile": "0.926050000", "modified": "2023-03-15"}], "vulnersScore": 7.9}, "_state": {"dependencies": 1678916735, "score": 1683966290, "epss": 1678936357}, "_internal": {"score_hash": "48e869def109235dda1d1ac30ecd8de3"}, "pluginID": "1361412562310812681", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Joomla! 'Uri' class XSS Vulnerability\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:joomla:joomla\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.812681\");\n script_version(\"2019-07-05T09:54:18+0000\");\n script_cve_id(\"CVE-2018-6379\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:54:18 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-01-31 11:52:03 +0530 (Wed, 31 Jan 2018)\");\n\n script_name(\"Joomla! 
'Uri' class XSS Vulnerability\");\n\n script_tag(name:\"summary\", value:\"This host is running Joomla and is prone to cross site scripting\nvulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw exists due to inadequate input filtering in the Uri class (formerly\nJUri).\");\n\n script_tag(name:\"impact\", value:\"Successfully exploiting this issue will allow remote attackers to execute\narbitrary javascript code in the context of current user.\");\n\n script_tag(name:\"affected\", value:\"Joomla core version 1.5.0 through 3.8.3\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Joomla version 3.8.4 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_xref(name:\"URL\", value:\"https://developer.joomla.org/security-centre/721-20180104-core-xss-vulnerability.html\");\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"joomla_detect.nasl\");\n script_mandatory_keys(\"joomla/installed\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!jPort = get_app_port(cpe:CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:jPort, exit_no_version:TRUE )) exit(0);\njVer = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version:jVer, test_version:\"1.5.0\", test_version2:\"3.8.3\")) {\n report = report_fixed_ver(installed_version:jVer, fixed_version:\"3.8.4\", install_path:path);\n security_message(port:jPort, data:report);\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Web application abuses"}
{"joomla": [{"lastseen": "2023-06-23T16:28:17", "description": "Inadequate input filtering in the Uri class (formerly JUri) leads to a XSS vulnerability.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2017-11-17T00:00:00", "type": "joomla", "title": "[20180103] - Core - XSS vulnerability in Uri class", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6379"], "modified": "2018-01-30T00:00:00", "id": "JOOMLA-721", "href": "https://developer.joomla.org/security-centre/721-20180103-core-xss-vulnerability.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2023-06-23T15:13:33", "description": "In Joomla! 
before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 6.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2018-01-30T17:29:00", "type": "cve", "title": "CVE-2018-6379", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6379"], "modified": "2018-02-13T17:56:00", "cpe": [], "id": "CVE-2018-6379", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6379", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": []}], "nessus": [{"lastseen": "2023-05-20T14:41:50", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. 
(CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 1.7.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98486", "href": "https://www.tenable.com/plugins/was/98486", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:18", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 
1.6.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98487", "href": "https://www.tenable.com/plugins/was/98487", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:23", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.3.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98481", "href": "https://www.tenable.com/plugins/was/98481", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:47", "description": "According to its self-reported version number, the detected Joomla! 
application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.5.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98479", "href": "https://www.tenable.com/plugins/was/98479", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:22", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. 
(CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.8.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98476", "href": "https://www.tenable.com/plugins/was/98476", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:44", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 
3.7.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98477", "href": "https://www.tenable.com/plugins/was/98477", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:56", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.2.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98482", "href": "https://www.tenable.com/plugins/was/98482", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:56", "description": "According to its self-reported version number, the detected Joomla! 
application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 2.5.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98485", "href": "https://www.tenable.com/plugins/was/98485", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:50", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. 
(CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 1.5.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98488", "href": "https://www.tenable.com/plugins/was/98488", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:23", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 
3.1.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98483", "href": "https://www.tenable.com/plugins/was/98483", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:50", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.4.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98480", "href": "https://www.tenable.com/plugins/was/98480", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:52", "description": "According to its self-reported version number, the detected Joomla! 
application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.6.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98478", "href": "https://www.tenable.com/plugins/was/98478", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T14:16:22", "description": "According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3. (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3. (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. 
(CVE-2018-6379)\n\nNote that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-11-05T00:00:00", "type": "nessus", "title": "Joomla! 3.0.x < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2023-03-14T00:00:00", "cpe": ["cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*"], "id": "WEB_APPLICATION_SCANNING_98484", "href": "https://www.tenable.com/plugins/was/98484", "sourceData": "No source data", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:47", "description": "According to its self-reported version number, the Joomla! installation running on the remote web server is 1.5.0 or later but prior to 3.8.4. It is, therefore, affected by multiple XSS and SQLi vulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the 20180101 announcement affects 3.0.0 through 3.8.3.\n (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the 20180102 announcement affects 3.7.0 through 3.8.3.\n (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the 20180103 announcement affects 1.5.0 through 3.8.3.\n (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message as noted in the 20180103 announcement affects 1.5.0 through 3.8.3. (CVE-2018-6379)\n\nNote that Nessus has not attempted to exploit these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2018-02-06T00:00:00", "type": "nessus", "title": "Joomla! 
1.5.0 < 3.8.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-6376", "CVE-2018-6377", "CVE-2018-6379", "CVE-2018-6380"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:joomla:joomla%5c%21"], "id": "JOOMLA_384.NASL", "href": "https://www.tenable.com/plugins/nessus/106631", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106631);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-6376\",\n \"CVE-2018-6377\",\n \"CVE-2018-6379\",\n \"CVE-2018-6380\"\n );\n script_bugtraq_id(\n 102916,\n 102917,\n 102918,\n 102921\n );\n\n script_name(english:\"Joomla! 1.5.0 < 3.8.4 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Joomla!\ninstallation running on the remote web server is 1.5.0 or later but\nprior to 3.8.4. It is, therefore, affected by multiple XSS and SQLi\nvulnerabilities :\n\n - The XSS vulnerability in module chromes as noted in the\n 20180101 announcement affects 3.0.0 through 3.8.3.\n (CVE-2018-6380)\n\n - The XSS vulnerability in com_fields as noted in the\n 20180102 announcement affects 3.7.0 through 3.8.3.\n (CVE-2018-6377)\n\n - The XSS vulnerability in Uri class as noted in the\n 20180103 announcement affects 1.5.0 through 3.8.3.\n (CVE-2018-6379)\n\n - The SQLi vulnerability in Hathor postinstall message\n as noted in the 20180103 announcement affects 1.5.0\n through 3.8.3. 
(CVE-2018-6379)\n\nNote that Nessus has not attempted to exploit these issues but has\ninstead relied only on the application's self-reported version number.\");\n # https://developer.joomla.org/security-centre/718-20180101-core-xss-vulnerability.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4b2a148f\");\n # https://developer.joomla.org/security-centre/720-20180102-core-xss-vulnerability.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d012364d\");\n # https://developer.joomla.org/security-centre/721-20180103-core-xss-vulnerability.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?db1927db\");\n # https://developer.joomla.org/security-centre/722-20180104-core-sqli-vulnerability.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e33b8acb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Joomla! version 3.8.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:X\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/02/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:joomla:joomla\\!\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"joomla_detect.nasl\");\n script_require_keys(\"installed_sw/Joomla!\", \"www/PHP\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\napp_info = vcf::get_app_info(app:\"Joomla!\", port:port, webapp:TRUE);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"1.5.0\", \"fixed_version\" : \"3.8.4\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE, flags:{xss:TRUE, sqli:TRUE});\n", "cvss": {"score": 0.0, "vector": "NONE"}}]}