Описание
Joomla! CMS vulnerable to XSS via the input filter
Improper handling of input could lead to a cross-site scripting (XSS) vector in the checkAttribute method of the input filter framework class.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-54476
- https://github.com/joomla-framework/filter/commit/188dd3fccd6fa0532d105a52736affdf6b166217
- https://github.com/joomla-framework/filter/commit/852c7e101c649500d3af58ffb8baf15d7c86d825
- https://github.com/joomla-framework/filter/commit/fcde280785f188e93530f7da68102f7dd8f9f723
- https://developer.joomla.org/security-centre/1010-20250901-core-inadequate-content-filtering-within-the-checkattribute-filter-code.html
Пакеты
Наименование
joomla/filter
composer
Затронутые версииВерсия исправления
= 4.0.0
4.0.1
Наименование
joomla/filter
composer
Затронутые версииВерсия исправления
>= 3.0.0, < 3.0.5
3.0.5
Наименование
joomla/filter
composer
Затронутые версииВерсия исправления
< 2.0.6
2.0.6
Связанные уязвимости
nvd
4 месяца назад
Improper handling of input could lead to an XSS vector in the checkAttribute method of the input filter framework class.