@ottimis/angular-utils (>=1.3.36 <=5.6.1), @solidpepper/solidpepper-modal-media-selection (>=1.0.2 <=1.0.5) +3 more potentially affected by unknown CVE via ng2-file-upload (=9.0.0)

ng2-file-upload NPM version =9.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ng2-file-upload and may be impacted: - @ottimis/angular-utils =1.3.36, =1.0.2, =1.4.1-A20, =0.1.4, =0.1.31 Source cves: unknown CVE Source advisory:...

CVE-2024-21724

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions...

BIT-JOOMLA-2024-21724 [20240203] - Core - XSS in media selection fields

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions...

CVE-2024-21729 [20240701] - Core - XSS in accessible media selection field

Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field...

CVE-2024-21724

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions...

CVE-2024-21724

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions...

Input validation

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions...

Joomla! XSS Vulnerability (20240203)

Joomla! is prone to a cross-site scripting XSS vulnerability in media selection fields. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Joomla! 5.x < 5.0.3 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 1.5.x prior to 4.4.3 or 5.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities. - An insufficient session expiration in MFA management views. CVE-2024-21722 - An open redirect i...

CVE-2024-21724 [20240203] - Core - XSS in media selection fields

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions...

CVE-2024-21724 [20240203] - Core - XSS in media selection fields

Inadequate input validation for media selection fields lead to XSS vulnerabilities in various extensions...

CVE-2024-21724

Joomla! CMS core contains a Cross-site Scripting (XSS) vulnerability due to inadequate input validation in media selection fields (CVE-2024-21724). Affected software: Joomla! core components handling media selection in extensions. Root cause: insufficient validation in media selection input paths...

[20240701] - Core - XSS in accessible media selection field

Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field...