CVE-2021-26030

Medium

An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default…

Joomla·CWE-79·Published 2021-04-14

CVSS

6.1

EPSS

0.82

KEV

Exploits

cve.orgen

160 chars

An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page

NVDen

160 chars

An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page

NVDes

205 chars

Se detectó un problema en Joomla! versiones 3.0.0 hasta 3.9.25. El escape inadecuado permitió ataques de tipo XSS, usando el parámetro logo de las plantillas predeterminadas en la página de error

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N