Cross-site Scripting Vulnerability in BSQ Sitestats for Joomla by BSQ Software
CVE-2006-7122

Currently unrated

Key Information:

Vendor: Joomla
Status: Bsq Sitestats
Vendor: CVE Published:; 6 March 2007

Summary

The BSQ Sitestats component for Joomla is susceptible to a Cross-site Scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web scripts and HTML code through the 'ip' parameter. This exploitation can lead to unauthorized data access, user credential theft, or delivery of malicious payloads. Versions of the software prior to 2.2.1, including 1.8.0, are particularly vulnerable, highlighting the importance of updating to mitigate potential security risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/29266

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/20267

vdb-entryx_refsource_BID

http://securityreason.com/securityalert/2360

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Mar 6, 2007
Vulnerability Reserved
Mar 5, 2007