The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
History

Fri, 16 Aug 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Joomla
Joomla joomla\!
CPEs cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
Vendors & Products Joomla
Joomla joomla\!
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Joomla

Published: 2024-07-09T16:15:49.888Z

Updated: 2024-08-02T04:33:43.196Z

Reserved: 2024-01-01T04:30:58.881Z

Link: CVE-2024-21730

cve-icon Vulnrichment

Updated: 2024-08-01T22:27:35.784Z

cve-icon NVD

Status : Modified

Published: 2024-07-09T17:15:14.580

Modified: 2024-11-21T08:54:53.543

Link: CVE-2024-21730

cve-icon Redhat

No data.