CVE-2022-27910
CVE-2022-27910 affects Joomla DOCman (Joomlatools) 3.5.13 and likely earlier versions, with a reflected Cross-Site Scripting (XSS) in the image upload function. The vulnerability arises in the image upload handling, enabling injection of script via a crafted image path/parameter. Public details f...