An issue exists in Joomla! prior to 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.
joomla joomla\\!
CVE-2019-6263-Joomla-POC