Cross site scripting

2009-12-0217:30:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script or HTML via the URI, which is not properly handled in (1) 404 or (2) error pages.

CPENameOperatorVersion
com_proofreaderle1.0
com_proofreadereq1.0 rc6

CPE	Name	Operator	Version
	com_proofreader	le	1.0
	com_proofreader	eq	1.0 rc6

References

websecurity.com.ua/3482/

www.securityfocus.com/bid/37145