CVE-2021-23124
Description
An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.
CWE
- (none)
Affected
- Joomla! Project / Joomla! CMS — v=3.9.0-3.9.23 [affected]
CVSS
- (none)
References
- https://developer.joomla.org/security-centre/837-20210102-core-xss-in-mod-breadcrumbs-aria-label-attribute.html x_refsource_MISC, vendor-advisory
Source
cvelistV5-main/cves/2021/23xxx/CVE-2021-23124.json