Published: 20/10/2014 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
joomla joomla\\! 1.5.20
joomla joomla\\! 1.5.2
joomla joomla\\! 1.5.14
joomla joomla\\! 1.5.13
joomla joomla\\! 1.5.7
joomla joomla\\! 1.5.8
joomla joomla\\! 1.5.22
joomla joomla\\! 1.5.21
joomla joomla\\! 1.5.15
joomla joomla\\! 1.5.5
joomla joomla\\! 1.5.6
joomla joomla\\!
joomla joomla\\! 1.5.25
joomla joomla\\! 1.5.19
joomla joomla\\! 1.5.18
joomla joomla\\! 1.5.12
joomla joomla\\! 1.5.11
joomla joomla\\! 1.5.9
joomla joomla\\! 1.5.1
joomla joomla\\! 1.5.24
joomla joomla\\! 1.5.23
joomla joomla\\! 1.5.17
joomla joomla\\! 1.5.16
joomla joomla\\! 1.5.10
joomla joomla\\! 1.5.3
joomla joomla\\! 1.5.4
joomla joomla\\! 1.5.0

Joomla version 1526 suffers from a cross site scripting vulnerability in the ja_purity template ...

CWE-79 http://archives.neohapsis.com/archives/bugtraq/2012-05/0021.html http://www.waraxe.us/advisory-87.html http://www.securityfocus.com/bid/53382 https://exchange.xforce.ibmcloud.com/vulnerabilities/75398 https://nvd.nist.gov https://packetstormsecurity.com/files/112441/Joomla-1.5.26-ja_purity-Cross-Site-Scripting.html

CVE-2012-2413

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect