Filter
AND

Joomla[20240701] - Core - XSS in accessible media selection field

medium
6.1
First published (updated )
CVE-2024-21729

Joomla[20240702] - Core - Self-XSS in fancyselect list field layout

medium
5.4
First published (updated )
CVE-2024-21730

Joomla[20240704] - Core - XSS in Wrapper extensions

medium
6.1
First published (updated )
CVE-2024-26279

Joomla[20240705] - Core - XSS in com_fields default field value

medium
6.1
First published (updated )
CVE-2024-26278

Joomla[20240703] - Core - XSS in StringHelper::truncate method

medium
6.1
First published (updated )
CVE-2024-21731

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20231101] - Core - Exposure of environment variables

high
7.5
First published (updated )
CVE-2023-40626

Joomla[20230201] - Core - Improper access check in webservice endpoints

medium
5.3
Exploited
First published (updated )
CVE-2023-23752

Joomla[20230102] - Core - Missing ACL checks for com_actionlogs

medium
4.3
First published (updated )
CVE-2023-23751

Joomla[20230101] - Core - CSRF within post-installation messages

medium
6.3
First published (updated )
CVE-2023-23750

Joomla[20221101] - Core - RXSS through reflection of user input in com_media

medium
6.1
First published (updated )
CVE-2022-27914

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20221002] - Core - RXSS through reflection of user input in headings

medium
6.1
First published (updated )
CVE-2022-27913

Joomla[20221001] - Core - Debug Mode leaks full request payloads including passwords

medium
5.3
First published (updated )
CVE-2022-27912

Joomla[20220309] - Core - XSS attack vector through SVG

medium
6.1
First published (updated )
CVE-2022-23801

Joomla[20220306] - Core - Inadequate validation of internal URLs

medium
6.1
First published (updated )
CVE-2022-23798

Joomla[20220303] - Core - User row are not bound to a authentication mechanism

critical
9.8
First published (updated )
CVE-2022-23795

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

composer/joomla/filter[20220308] - Core - Inadequate content filtering within the filter code

medium
6.1
First published (updated )
CVE-2022-23800

composer/joomla/filesystem[20220302] - Core - Path Disclosure within filesystem error messages

medium
5.3
First published (updated )
CVE-2022-23794

composer/joomla/input[20220307] - Core - Variable Tampering on JInput $_REQUEST data

critical
9.8
First published (updated )
CVE-2022-23799

composer/joomla/archive[20220301] - Core - Zip Slip within the Tar extractor

high
7.5
First published (updated )
CVE-2022-23793

Joomla[20220305] - Core - Inadequate filtering on the selected Ids

critical
9.8
First published (updated )
CVE-2022-23797

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Joomla[20210801] - Core - Insufficient access control for com_media deletion endpoint

critical
9.1
First published (updated )
CVE-2021-26040

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203