Description
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53277
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75223
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/files/112249/Joomla-2.5.3-Host-Header-Cross-Site-Scripting.html
Scores
EPSS
0.0002
EPSS Percentile
6.4%
Details
CWE
CWE-79
Status
published
Products (1)
joomla/joomla\!
2.5.3
Published
Jul 03, 2012
Tracked Since
Feb 18, 2026