Cross-Site Scripting Vulnerability in Joomla! Beamospetition Component
CVE-2009-0378

Currently unrated

Key Information:

Vendor
Joomla
Vendor
CVE Published:
2 February 2009

Summary

The Beamospetition component for Joomla! contains a cross-site scripting (XSS) vulnerability located in the index.php file. This flaw allows remote attackers to manipulate the pet parameter during a sign action, potentially leading to the injection of arbitrary web scripts or HTML. If exploited, this could allow attackers to execute malicious scripts in the context of a user's browser, compromising user sessions or redirecting users to untrusted sites.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.