N/A

Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via the (1) listing_title, (2) description, (3) homeurl (aka Website Address), (4) paystring (aka Payment types accepted), (5) sell_price, (6) shipping_cost, and (7) quantity parameters to index.php.

N/A

N/A

Joomla! Barter Sites 组件多个跨站脚本漏洞

Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla!的Barter Sites 组件1.3版本中的com_listing组件中存在多个跨站脚本漏洞。远程认证用户可借助(1)listing_title,(2)description,(3)homeurl (也称为Website Address),(4)paystring (aka Payment types accepted),(5)sell_price,(6)

N/A

N/A