Product:

Joomla\!

(Joomla)
Repositories https://github.com/joomla/joomla-cms
#Vulnerabilities 260
Date Id Summary Products Score Patch Annotated
2022-03-30 CVE-2022-23800 An issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components. Joomla\! 6.1
2022-03-30 CVE-2022-23801 An issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media. Joomla\! 6.1
2022-08-31 CVE-2022-27911 An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes. Joomla\! 5.3
2022-10-25 CVE-2022-27912 An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests. Joomla\! 5.3
2022-10-25 CVE-2022-27913 An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components. Joomla\! 6.1
2022-11-08 CVE-2022-27914 An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media. Joomla\! 6.1
2023-02-01 CVE-2023-23750 An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages. Joomla\! 6.3
2023-02-01 CVE-2023-23751 An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs. Joomla\! 4.3
2023-11-29 CVE-2023-40626 The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information. Joomla\! 7.5
2024-07-09 CVE-2024-21729 Inadequate input validation leads to XSS vulnerabilities in the accessiblemedia field. Joomla\! 6.1