Cross-site scripting (XSS) vulnerability in jce.php in the JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.0.4 for Joomla! (com_jce), without the 20060821 jce_patch, allows remote malicious users to inject arbitrary web script or HTML via the mosConfig_live_site parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ryan demmer joomla content editor 1.0.4 |