2 matches found
Joomla! < 3.8.8 Multiple Vulnerabilities
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.8.8. It is, therefore, affected by a multiple vulnerabilities. Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's...
CVE-2018-11328
CVE-2018-11328 affects Joomla! Core up to version 3.8.7. The issue arises when a redirect Location header contains a username:password in the URI and the user-info portion is not escaped, enabling a Cross-Site Scripting (XSS) vector. Exploitation path is consistent with “Possible XSS attack in th...