Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2011-4909 - Vulnerability Database
Joomla

Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2011-4909

Medium
Reference: CVE-2011-4909
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-4909
Title: Joomla Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

Multiple cross-site scripting (XSS) vulnerabilities in Joomla before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTP_REFERER header to (1) components/com_content/views/article/tmpl/form.php (2) components/com_user/controller.php (3) plugins/system/legacy/html.php or (4) templates/beez/html/com_content/article/form.php.