First published: Wed Apr 16 2008(Updated: )
Cross-site scripting (XSS) vulnerability in the joomlaXplorer (com_joomlaxplorer) Mambo/Joomla! component 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the error parameter in a show_error action to index.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Joomla | ||
Joomla Explorer | <=1.6.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-1848 is classified with a medium severity due to its Cross-site scripting (XSS) vulnerability.
To fix CVE-2008-1848, upgrade the JoomlaXplorer component to version 1.6.3 or later.
CVE-2008-1848 affects JoomlaXplorer versions 1.6.2 and earlier.
Yes, CVE-2008-1848 can be exploited remotely by attackers to inject arbitrary web scripts.
CVE-2008-1848 is a Cross-site scripting (XSS) vulnerability.