Joomla! 2.5.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

Joomla! 3.5.x < 3.7.0 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JMail API due to PHPMail version information being included in mail headers. An unauthenticated, remote attacker can exploit this to disclose sensitive...

Joomla! Core XSS Vulnerability(CVE-2017-7986)

Joomla! is one of the world's most popular content management system CMS solutions. It enables users to build custom Web sites and powerful online applications. More than 3 percent of Web sites are running Joomla!, and it accounts for more than 9 percent of CMS market share. As of November 2016,...

Joomla Core HTML Attributes Cross-Site Scripting Filter Privilege Escalation (CVE-2017-7986)

A privilege escalation vulnerability exists in Joomla Core. Unauthorized remote attackers may leverage this vulnerability to gain administrative access to the vulnerable server...

CVE-2017-7986

In Joomla! 1.5.0 through 3.6.5 fixed in 3.7.0, inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components...

CVE-2017-7986

CVE-2017-7986 affects Joomla! 1.5.0 through 3.6.5; it is caused by inadequate filtering of specific HTML attributes, leading to cross-site scripting in various components. The issue is fixed in 3.7.0. Exploitation details are not provided beyond the XSS description; upgrade to 3.7.0+ to mitigate.