CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-7739
https://notcve.org/view.php?id=CVE-2019-7739
An issue was discovered in Joomla! before 3.9.3. The "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this. • http://www.securityfocus.com/bid/107015 https://developer.joomla.org/security-centre/767-20190203-core-additional-warning-in-the-global-configuration-textfilter-settings •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-7740
https://notcve.org/view.php?id=CVE-2019-7740
An issue was discovered in Joomla! before 3.9.3. Inadequate parameter handling in JavaScript code (core.js writeDynaList) could lead to an XSS attack vector. Se ha descubierto un problema en versiones anteriores a la 3.9.3 de Joomla!. El manejo inadecuado de parámetros en el código JavaScript (writeDynaList en core.js) podría conducir a un vector de ataque XSS. • https://developer.joomla.org/security-centre/769-20190205-core-xss-issue-in-core-js-writedynalist • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-7741
https://notcve.org/view.php?id=CVE-2019-7741
An issue was discovered in Joomla! before 3.9.3. Inadequate checks at the Global Configuration helpurl settings allowed stored XSS. Se ha descubierto un problema en versiones anteriores a la 3.9.3 de Joomla!. Las comprobaciones incorrectas de las opciones de la URL de ayuda "Global Configuration" permitían Cross-Site Scripting (XSS) persistente. • https://developer.joomla.org/security-centre/768-20190204-core-stored-xss-issue-in-the-global-configuration-help-url-2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6262
https://notcve.org/view.php?id=CVE-2019-6262
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS. Se ha descubierto un problema en versiones anteriores a la 3.9.2 de Joomla!. Las comprobaciones incorrectas de las opciones de la URL de ayuda "Global Configuration" permitían Cross-Site Scripting (XSS) persistente. • http://www.securityfocus.com/bid/106638 https://developer.joomla.org/security-centre/763-20190104-core-stored-xss-issue-in-the-global-configuration-help-url • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-6264
https://notcve.org/view.php?id=CVE-2019-6264
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in mod_banners leads to a stored XSS vulnerability. Se ha descubierto un problema en versiones anteriores a la 3.9.2 de Joomla!. El escapado incorrecto en mod_banners conduce a una vulnerabilidad de Cross-Site Scripting (XSS) persistente. • http://www.securityfocus.com/bid/106638 https://developer.joomla.org/security-centre/760-20190101-core-stored-xss-in-mod-banners • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •