- Project: Joomla!
- SubProject: CMS
- Impact: Moderate
- Severity: Low
- Versions: 3.0.0 through 3.8.3
- Exploit type: XSS
- Reported Date: 2018-January-21
- Fixed Date: 2018-January-30
- CVE Number: CVE-2018-6380
Lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.
Joomla! CMS versions 3.0.0 through 3.8.3
Upgrade to version 3.8.4
The JSST at the Joomla! Security Centre.
Reported By: David Jardin, JSSTJoomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers!