Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment.
Published at: December 27, 2017 at 07:29PM
View on website
New vulnerability on the NVD: CVE-2015-7324
Tag: government hack NVD security
No comments: