Inadequate Content Filtering Leads to XSS Vulnerabilities

CVE-2024-21726

Currently unrated 🤨

Key Information

Vendor: Joomla
Status: Joomla! Cms
Vendor: CVE Published:; 29 February 2024

Badges

😄 Trended📰 News Worthy

Summary

The vulnerability CVE-2024-21726 involves inadequate content filtering in various components of the Joomla! Project, leading to XSS vulnerabilities. This can be exploited in multiple ways, creating the potential for a remote code execution attack. Despite being a critical vulnerability, there are currently no known exploitations of this vulnerability in the wild or by ransomware groups.

Affected Version(s)

Joomla! CMS = 3.7.0-3.10.14

Joomla! CMS = 4.0.0-4.4.2

Joomla! CMS = 5.0.0-5.0.2

News Articles

Dark Reading

CVE-2024-21726

Joomla XSS Bugs Open Millions of Websites to RCE

Improper content filtering in a core function allows multiple paths to exploitation for CVE-2024-21726.

9 months ago

Download the Critical Vulnerability Management Cheat Sheet

Timeline

First article discovered by Dark Reading
Mar 1, 2024
Vulnerability published.
Feb 29, 2024
Vulnerability started trending.
Feb 26, 2024
Vulnerability Reserved.
Jan 1, 2024

Collectors

NVD DatabaseMitre Database1 News Article(s)

Credit

Stefan Schiller (Sonar)