CVE-2022-27914

[20221101] - Core - RXSS through reflection of user input in com_media

EPSS 0.5%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.5%KEV nãoPoC —Patch referenciado

Lifecycle

Nov 08, 2022Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.

Affected products

Joomla! Project · Joomla! CMS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://developer.joomla.org/security-centre/887-20221101-core-rxss-through-reflection-of-user-input-in-com-media.html