2 matches found
Joomla! 3.x < 3.9.4 Multiple Vulnerabilities
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.9.4. It is, therefore, affected by multiple vulnerabilities: - A logic error exists in sample data plugins that allows remote attackers to gain unauthorized access to unspecified...
CVE-2019-9714
CVE-2019-9714 applies to Joomla! core prior to 3.9.4, where the media form field does not escape input, enabling cross-site scripting (XSS) in affected pages. Multiple sources (NVD, CNVD, osv, prion, Joomla security notice) corroborate that this is a browser-based XSS vulnerability in the media f...