CVE-2006-6832

Joomla! <1.0.12 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title.

References (7)

[Various Sources] http://forge.joomla.org/sf/go/artf5985?nav=1

[Various Sources] http://forge.joomla.org/sf/go/artf6844?nav=1

[Third Party Advisory] http://jvn.jp/jp/JVN%2345006961/index.html

[Vendor Advisory] http://secunia.com/advisories/23563

[Various Sources] http://www.joomla.org/content/view/2495/78/

[Patch] http://www.securityfocus.com/bid/21810

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/5202

Scores

EPSS 0.0005

EPSS Percentile 15.4%

Classification

CWE

CWE-79

Status draft

Affected Products (11)

joomla/joomla

Timeline

Published Dec 31, 2006

Tracked Since Feb 18, 2026