4 matches found
CVE-2024-40748
Lack of output escaping in the id attribute of menu lists...
Joomla! XSS Vulnerability (20250102)
Joomla! is prone to a cross-site scripting XSS vulnerability in the id attribute of menu. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-40748
creationtimestamp| type| source ---|---|--- 2025-01-07 16:27:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113788009462822787 2025-01-07 17:15:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf65n34y672f 2025-01-07 17:48:47+00:00| seen|...
CVE-2024-40748
CVE-2024-40748 is confirmed in Joomla! core as a cross-site scripting (XSS) vector in the id attribute of menu lists. Multiple connected sources describe lack of output escaping in the id attribute, with no specific exploit details or fixes provided in the documents. The CVSSv3.1 base score is 7....