CVE-2024-26278
MEDIUMJoomla! < 3.10.16 - XSS
Title source: ruleDescription
The Custom Fields component not correctly filter inputs, leading to a XSS vector.
Scores
CVSS v3
6.1
EPSS
0.0001
EPSS Percentile
1.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
published
Affected Products (1)
joomla/joomla\!
< 3.10.16
Timeline
Published
Jul 09, 2024
Tracked Since
Feb 18, 2026