2 matches found
CVE-2015-3619
Cross-site scripting XSS vulnerability in assets/js/vm2admin.js in the VirtueMart component before 3.0.8 for Joomla! allows remote attackers to inject arbitrary web script or HTML via vectors involving a "double encode combination of firstname, lastname and company."...
CVE-2015-3619
Vulnerability (CVE-2015-3619) : Affected software is the VirtueMart component for Joomla! prior to 3.0.8. The issue lies in assets/js/vm2admin.js, where a cross-site scripting (XSS) vulnerability can be triggered by a double-encode sequence involving first_name, last_name, and company. Public sou...