Cross site scripting

2010-12-0921:00:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Comments component before 1.3.1 for Joomla allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CPENameOperatorVersion
jxtended_commentsle1.3.0
jxtended_commentseq1.2.0
jxtended_commentseq1.2.1

Name	Operator	Version
jxtended_comments	le	1.3.0
jxtended_comments	eq	1.2.0
jxtended_comments	eq	1.2.1

References

jxtended.com/blog/releases/375-jxtended-comments-131-stable-released.html

secunia.com/advisories/42534

www.securityfocus.com/bid/45296