9 matches found
EUVD-2019-0368
Malware in sbrugna...
EUVD-2022-28733
Malicious code in bioql PyPI...
BIT-JOOMLA-2022-23801 [20220309] - Core - XSS attack vector through SVG
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in commedia...
Joomla! 2.5.x < 3.10.7 Multiple Vulnerabilities
According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.10.7 or 4.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities. - Extracting an specifilcy crafted tar package could write files outside of the intended path...
CVE-2022-23801
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in commedia...
Design/Logic Flaw
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in commedia...
CVE-2022-23801
Joomla! 4.0.0–4.1.0 is affected by a cross-site scripting (XSS) vulnerability via an SVG embedding path in com_media. Root cause: improper handling/cleanup of SVG content leading to executable HTML/script in the user’s browser. Public references describe a possible XSS attack vector through SVGs,...
PT-2022-16273 · Joomla · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions 4.0.0 through 4.1.0 Description: An issue was discovered in Joomla, allowing a possible XSS attack vector through SVG embedding in com media. Recommendations: For Joomla! versions 4.0.0 through 4.1.0, consider disabling the S...
[20220309] - Core - XSS attack vector through SVG
Possible XSS attack vector through SVG embedding in commedia...