[Forgot Password]
Login  Register Subscribe

23631

 
 

126951

 
 

99602

 
 

909

 
 

80170

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2015-7324

Date: (C)2017-12-29   (M)2018-01-04 


Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment.

CVSS Score: 9.3Access Vector:
Exploit Score: Access Complexity:
Impact Score: Authentication:
 Confidentiality:
 Integrity:
 Availability:





Reference:
http://seclists.org/fulldisclosure/2015/Oct/11
https://stackideas.com/changelog/komento?version=2.0.5
https://www.davidsopas.com/komento-joomla-component-persistent-xss/

© 2013 SecPod Technologies