GHSA-5xmg-w578-gq5j

Опубликовано: 17 мая 2022

Источник: github

Github: Прошло ревью

CVSS4: 1.3

Описание

Joomla! Cross-site Scripting vulnerability

Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2013-5583
https://github.com/joomla/joomla-cms/commit/c00c033d33d901e1ca6be9061a44e55acd041b1f
https://web.archive.org/web/20130810034709/http://disse.cting.org/2013/08/05/joomla-core-3_1_5_reflected-xss-vulnerability
https://web.archive.org/web/20130810103125/http://www.securityfocus.com/bid/61600

Пакеты

Наименование

joomla/joomla-cms

composer

Затронутые версииВерсия исправления

<= 3.1.5

3.1.6

EPSS

Процентиль: 5%

0.00023

Низкий

1.3 Low

CVSS4

CVE ID

CVE-2013-5583

Дефекты

CWE-79

Связанные уязвимости

CVE-2013-5583

nvd

около 12 лет назад

Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.

EPSS

Процентиль: 5%

0.00023

Низкий

1.3 Low

CVSS4

CVE ID

CVE-2013-5583

Дефекты

CWE-79