CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 1CVE-2009-1939
https://notcve.org/view.php?id=CVE-2009-1939
05 Jun 2009 — Cross-site scripting (XSS) vulnerability in the JA_Purity template for Joomla! 1.5.x through 1.5.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en plantilla JA_Purity para Joomla! v1.5.x hasta v1.5.10 permite a atacantes remotos inyectar HTML y secuencias de comandos web a través de vectores no especificados. • http://developer.joomla.org/security/news/296-20090602-core-japurity-xss.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 35EXPL: 0CVE-2008-6299
https://notcve.org/view.php?id=CVE-2008-6299
26 Feb 2009 — Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission." Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados - XSS - en Joomla! v1.5.7 y anteriores, permite a usuarios autentificados remotos inyectar ... • http://developer.joomla.org/security/news/283-20081101-core-comcontent-xss-vulnerability.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •