– Core – Lack of URL filtering in various core components
- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 2.5.0 through 3.9.2
- Exploit type: XSS
- Reported Date: 2018-November-13
- Fixed Date: 2019-February-12
- CVE Number: CVE-2019-7744
Inadequate filtering on URL fields in various core components could lead to an XSS vulnerability.
Joomla! CMS versions 2.5.0 through 3.9.2
Upgrade to version 3.9.3
The JSST at the Joomla! Security Centre.