BIT-joomla-2022-27913

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/joomla/BIT-joomla-2022-27913.json

JSON Data

https://api.test.osv.dev/v1/vulns/BIT-joomla-2022-27913

Aliases

CVE-2022-27913

Published

2025-04-03T14:15:24.691Z

Modified

2025-05-20T10:02:07.006Z

Summary

[20221002] - Core - RXSS through reflection of user input in headings

Details

An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.

Database specific

{
    "severity": "Medium",
    "cpes": [
        "cpe:2.3:a:joomla:joomla!:*:*:*:*:*:*:*:*"
    ]
}

References

https://developer.joomla.org/security-centre/886-20221002-core-reflected-xss-in-various-components.html
https://nvd.nist.gov/vuln/detail/CVE-2022-27913

Affected packages

Bitnami / joomla

Package

Name: joomla
Purl: pkg:bitnami/joomla

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

4.0.0

Last affected

4.2.3