Vulnerability Description
Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the review_id URL parameter. Attackers can craft malicious links containing JavaScript payloads that execute in victims' browsers when clicked, enabling session hijacking or credential theft.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://extensions.joomla.org/extension/jlex-review/
- https://jlexart.com/
- https://www.exploit-db.com/exploits/51645
- https://www.vulncheck.com/advisories/joomla-jlex-review-reflected-xss-via-review
FAQ
What is CVE-2023-54360?
CVE-2023-54360 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Joomla JLex Review 6.0.1 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the review_id URL parameter. Attackers can craft mali...
How severe is CVE-2023-54360?
CVE-2023-54360 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-54360?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.