Description
Cross-site scripting (XSS) vulnerability in Joomla! before 1.0.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to poll.php or the module title.
References (7)
Core 7
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23563
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/jp/JVN%2345006961/index.html
Various Sources x_refsource_misc
http://forge.joomla.org/sf/go/artf5985?nav=1
Various Sources x_refsource_misc
http://www.joomla.org/content/view/2495/78/
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/5202
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21810
Various Sources x_refsource_misc
http://forge.joomla.org/sf/go/artf6844?nav=1
Scores
EPSS
0.0005
EPSS Percentile
15.7%
Details
CWE
CWE-79
Status
published
Products (11)
joomla/joomla
1.0
joomla/joomla
1.0.1
joomla/joomla
1.0.2
joomla/joomla
1.0.3
joomla/joomla
1.0.4
joomla/joomla
1.0.5
joomla/joomla
1.0.7
joomla/joomla
1.0.8
joomla/joomla
1.0.9
joomla/joomla
1.0.10
... and 1 more
Published
Dec 31, 2006
Tracked Since
Feb 18, 2026