Lucene search
GoogleOSV:CVE-2024-26278HistoryJul 09, 2024 - 5:15 p.m.
CVE-2024-26278
2024-07-0917:15:14
Google
osv.dev
1
custom fields component
xss vector
unfiltered inputs
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.8
Confidence
High
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
Related
joomla
joomla
[20240705] - Core - XSS in com_fields default field value
2024-06-09 00:00:00
cvelist
cvelist
CVE-2024-26278 [20240705] - Core - XSS in com_fields default field value
2024-07-09 16:15:44
nvd
nvd
CVE-2024-26278
2024-07-09 17:15:14
cve
cve
CVE-2024-26278
2024-07-09 17:15:14
vulnrichment
vulnrichment
CVE-2024-26278 [20240705] - Core - XSS in com_fields default field value
2024-07-09 16:15:44
openvas
openvas
Joomla! Multiple XSS Vulnerabilities (20240703, 20240704)
2024-07-10 00:00:00
nessus
nessus
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.8
Confidence
High
Related for OSV:CVE-2024-26278