FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

joomla3 -- vulnerabilitiesw

Affected packages
joomla3 < 3.9.2

Details

VuXML ID 6aa398d0-1c4d-11e9-96dd-a4badb296695
Discovery 2018-12-01
Entry 2019-01-20

JSST reports:

Inadequate escaping in mod_banners leads to a stored XSS vulnerability.

Inadequate escaping in com_contact leads to a stored XSS vulnerability

Inadequate checks at the Global Configuration Text Filter settings allowed a stored XSS.

Inadequate checks at the Global Configuration helpurl settings allowed a stored XSS.

References

CVE Name CVE-2019-6261
CVE Name CVE-2019-6262
CVE Name CVE-2019-6263
CVE Name CVE-2019-6264
URL https://developer.joomla.org/security-centre/760-00190101-core-stored-xss-in-mod-banners.html
URL https://developer.joomla.org/security-centre/761-20190102-core-stored-xss-in-com-contact.html
URL https://developer.joomla.org/security-centre/762-20190103-core-stored-xss-issue-in-the-global-configuration-textfilter-settings.html
URL https://developer.joomla.org/security-centre/763-20190104-core-stored-xss-issue-in-the-global-configuration-help-url.html