Lucene search
K

8 matches found

OSV
OSV
added 2025/04/03 2:11 p.m.7 views

BIT-JOOMLA-2021-23124 [20210102] - Core - XSS in mod_breadcrumbs aria-label attribute

An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in modbreadcrumbs aria-label attribute allows XSS attacks...

6.1CVSS5.9AI score0.81167EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2022/09/20 12:0 a.m.10 views

Joomla! Cross-Site Scripting (CVE-2021-23124)

A stored cross-site scripting vulnerability exists in Joomla! CMS Core. The vulnerability is due to improper validation of the title parameter in the modbreadcrumbs module. A remote, authenticated attacker can exploit the vulnerability by sending a crafted request to the server...

4.3CVSS2.3AI score0.81167EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/14 12:0 a.m.35 views

Joomla 3.0.x < 3.9.24 Multiple Vulnerabilities (5830-joomla-3-9-24)

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.0.x prior to 3.9.24. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of...

6.1CVSS5.8AI score0.81167EPSS
Exploits0References7
NVD
NVD
added 2021/01/12 9:15 p.m.16 views

CVE-2021-23124

An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in modbreadcrumbs aria-label attribute allows XSS attacks...

6.1CVSS6AI score0.81167EPSS
Exploits0References1
Prion
Prion
added 2021/01/12 9:15 p.m.16 views

Cross site scripting

An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in modbreadcrumbs aria-label attribute allows XSS attacks...

4.3CVSS6AI score0.81167EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/01/12 8:19 p.m.26 views

CVE-2021-23124 [20210102] - Core - XSS in mod_breadcrumbs aria-label attribute

An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in modbreadcrumbs aria-label attribute allows XSS attacks...

6.1AI score0.81167EPSS
Exploits0References1
CVE
CVE
added 2021/01/12 8:19 p.m.152 views

CVE-2021-23124

CVE-2021-23124 affects Joomla! 3.9.0–3.9.23, due to lack of escaping in the mod_breadcrumbs aria-label attribute, which allows cross-site scripting (XSS). The issue is documented across multiple feeds (NVD, OSV, CNVD, osv.dev) with consolidated descriptions. Exploitation would involve crafting in...

6.1CVSS5.9AI score0.81167EPSS
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2020/09/01 12:0 a.m.47 views

[20210102] - Core - XSS in mod_breadcrumbs aria-label attribute

Lack of escaping in modbreadcrumbs aria-label attribute allows XSS attacks...

6.1CVSS3.3AI score0.81167EPSS
Exploits0Affected Software1
Rows per page
Query Builder