CVE-2007-4779

Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:joomla:joomla:1.5.0_beta:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla:1.5.0_beta2:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla:1.5.0_rc1:*:*:*:*:*:*:*

History

21 Nov 2024, 00:36

Type Values Removed Values Added
References () http://osvdb.org/38416 - () http://osvdb.org/38416 -
References () http://securityreason.com/securityalert/3108 - () http://securityreason.com/securityalert/3108 -
References () http://www.joomla.org/content/view/3831/1/ - Patch () http://www.joomla.org/content/view/3831/1/ - Patch
References () http://www.securityfocus.com/archive/1/478451/100/0/threaded - () http://www.securityfocus.com/archive/1/478451/100/0/threaded -
References () http://www.securityfocus.com/bid/25508 - Exploit, Patch () http://www.securityfocus.com/bid/25508 - Exploit, Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/36425 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/36425 -

Information

Published : 2007-09-10 21:17

Updated : 2024-11-21 00:36


NVD link : CVE-2007-4779

Mitre link : CVE-2007-4779

CVE.ORG link : CVE-2007-4779


JSON object : View

Products Affected

joomla

  • joomla
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')