CVE-2024-26279

State: PUBLISHED · Published: 2024-07-09 · Updated: 2025-03-26 · Assigner: Joomla

Description

The wrapper extensions do not correctly validate inputs, leading to XSS vectors.

CWE

CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected

Joomla! Project / Joomla! CMS — v=3.7.0-3.10.15 [affected]; v=4.0.0-4.4.5 [affected]; v=5.0.0-5.1.1 [affected]

CVSS

References

Source

cvelistV5-main/cves/2024/26xxx/CVE-2024-26279.json