CVE-2024-21730
Description
The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector.
CWE
- CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected
- Joomla! Project / Joomla! CMS — v=4.0.0-4.4.5 [affected]; v=5.0.0-5.1.1 [affected]
CVSS
- (none)
References
- https://developer.joomla.org/security-centre/936-20240702-core-self-xss-in-fancyselect-list-field-layout.html vendor-advisory
Source
cvelistV5-main/cves/2024/21xxx/CVE-2024-21730.json