Description
Multiple cross-site scripting (XSS) vulnerabilities in the Webee Comments (com_webeecomment) component 1.1.1, 1.2, and 2.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) color, (2) img, or (3) url BBCode tags in unspecified vectors.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Jeff Channell · textwebappsphp
https://www.exploit-db.com/exploits/33638
References (2)
Core 2
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38204
Exploit x_refsource_misc
http://jeffchannell.com/Joomla/webee-111-multiple-vulnerabilities.html
Scores
EPSS
0.0020
EPSS Percentile
42.2%
Details
CWE
CWE-79
Status
published
Products (3)
onnogroen/com_webeecomment
1.1.1
onnogroen/com_webeecomment
1.2
onnogroen/com_webeecomment
2.0
Published
Feb 22, 2010
Tracked Since
Feb 18, 2026