2 matches found
CVE-2006-6166
Cross-site scripting XSS vulnerability in jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor JCE 1.0.4 for Joomla! comjce, without the 20060821 jcepatch, allows remote attackers to inject arbitrary web script or HTML via the mosConfiglivesite parameter...
CVE-2006-6166
Summary: CVE-2006-6166 is an XSS vulnerability in the Joomla Content Editor (JCE) Admin Component (com_jce) for Joomla! version 1.0.4, exploitable via the mosConfig_live_site parameter when the 20060821 jce_patch is not applied. The issue is caused by unsanitized input in jce.php (JCE Admin Compo...