1 results (0.005 seconds)

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Comments component before 1.3.1 for Joomla allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el componente JXtended Comments, en versiones anteriores a la 1.3.1, para Joomla permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://jxtended.com/blog/releases/375-jxtended-comments-131-stable-released.html http://secunia.com/advisories/42534 http://www.securityfocus.com/bid/45296 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •