2009-02-26 17:17:19 2017-08-17 03:29:12

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! 1.5.7 and earlier allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) the title and description parameters to the com_weblinks module and (2) unspecified vectors in the com_content module related to "article submission."

Vector

NETWORK

Complexity

MEDIUM

Authentication

SINGLE_INSTANCE

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE
Joomla Joomla 1.5.0 rc1 (not an official CPE) Joomla Joomla 1.0 (not an official CPE) Joomla Joomla 1.5 (not an official CPE) Joomla Joomla 1.5.0 beta2 (not an official CPE) Joomla Joomla 1.0.13 (not an official CPE) Joomla Joomla 1.0.14 (not an official CPE) Joomla Joomla 1.03 (not an official CPE) Joomla Joomla 1.5.0 Beta2 (not an official CPE) Joomla Joomla 1.5.0 Beta1 (not an official CPE) Joomla Joomla 1.0.3 (not an official CPE) Joomla Joomla 1.5.1 (not an official CPE) Joomla Joomla 1.0.6 (not an official CPE) Joomla Joomla 1.5.2 (not an official CPE) Joomla Joomla 1.0.7 (not an official CPE) Joomla Joomla 1.0.4 (not an official CPE) Joomla Joomla 1.0.5 (not an official CPE) Joomla Joomla 1.5.5 (not an official CPE) Joomla Joomla 1.5rc3 (not an official CPE) Joomla Joomla 1.5.0 Rc1 (not an official CPE) Joomla Joomla 1.5.3 (not an official CPE) Joomla Joomla 1.0.8 (not an official CPE) Joomla Joomla 1.5.4 (not an official CPE) Joomla Joomla 1.5rc4 (not an official CPE) Joomla Joomla 1.0.9 (not an official CPE) Joomla Joomla 1.0.2 (not an official CPE) Joomla Joomla 1.5.0 beta (not an official CPE) Joomla Joomla 1.0.0 (not an official CPE) Joomla Joomla 1.0.1 (not an official CPE) Joomla Joomla 1.5.0 beta1 (not an official CPE) Joomla Joomla 1.5.7 (not an official CPE) Joomla Joomla 1.0.10 (not an official CPE) Joomla Joomla 1.5.0 Beta (not an official CPE) Joomla Joomla 1.0.12 (not an official CPE) Joomla Joomla 1.5.6 (not an official CPE) Joomla Joomla 1.0.11 (not an official CPE)