CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
81.1%
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) website and (2) name parameters to index.php.
Vendor | Product | Version | CPE |
---|---|---|---|
rsjoomla | com_rscomments | 1.0.0 | cpe:2.3:a:rsjoomla:com_rscomments:1.0.0:rev2:*:*:*:*:*:* |
joomla | joomla\! | * | cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* |
packetstormsecurity.org/1006-exploits/joomlarscomments-xss.txt
secunia.com/advisories/40278
www.exploit-db.com/exploits/13935
www.rsjoomla.com/customer-support/documentations/96--general-overview-of-the-component/393-changelog.html
www.securityfocus.com/bid/40977
exchange.xforce.ibmcloud.com/vulnerabilities/59578