Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, (2) com_content, and (3) mod_login components. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Joomla | Joomla\! | < 1.0.13 |
Related Weaknesses (CWE)
References
- http://osvdb.org/38755Broken Link
- http://osvdb.org/38756Broken Link
- http://osvdb.org/38757Broken Link
- http://secunia.com/advisories/26239PatchVendor Advisory
- http://www.joomla.org/content/view/3677/1/Vendor Advisory
- http://www.vupen.com/english/advisories/2007/2719Third Party Advisory
- http://osvdb.org/38755Broken Link
- http://osvdb.org/38756Broken Link
- http://osvdb.org/38757Broken Link
- http://secunia.com/advisories/26239PatchVendor Advisory
- http://www.joomla.org/content/view/3677/1/Vendor Advisory
- http://www.vupen.com/english/advisories/2007/2719Third Party Advisory
FAQ
What is CVE-2007-4189?
CVE-2007-4189 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.13 (aka Sunglow) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the (1) com_search, ...
How severe is CVE-2007-4189?
CVE-2007-4189 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4189?
Check the references section above for vendor advisories and patch information. Affected products include: Joomla Joomla\!.