An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Joomla

Published: 2021-05-26T10:22:33.982379Z

Updated: 2024-09-17T04:24:33.536Z

Reserved: 2021-01-25T00:00:00

Link: CVE-2021-26032

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-26T11:15:08.673

Modified: 2024-11-21T05:55:46.827

Link: CVE-2021-26032

cve-icon Redhat

No data.