CVE-2018-12711

An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/104565	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041244	VDB Entry Third Party Advisory
https://developer.joomla.org/security-centre/740-20180602-core-xss-vulnerability-in-language-switcher-module	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-06-26 19:29

Updated : 2024-02-04 19:46

NVD link : CVE-2018-12711

Mitre link : CVE-2018-12711

CVE.ORG link : CVE-2018-12711

JSON object : View

Products Affected

joomla

joomla\!

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2018-12711", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2018-06-26T19:29:00.250", "references": [{"url": "http://www.securityfocus.com/bid/104565", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1041244", "tags": ["VDB Entry", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://developer.joomla.org/security-centre/740-20180602-core-xss-vulnerability-in-language-switcher-module", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL."}, {"lang": "es", "value": "Se ha descubierto un problema de Cross-Site Scripting (XSS) en el m\u00f3dulo language switcher en Joomla! desde la versi\u00f3n 1.6.0 hasta la 3.8.8 anterior a la 3.8.9. En algunos casos, el enlace del idioma actual podr\u00eda contener caracteres especiales HTML no escapados. Esto podr\u00eda conducir a Cross-Site Scripting (XSS) reflejado mediante la inyecci\u00f3n de par\u00e1metros arbitrarios y/o valores en la URL de la p\u00e1gina actual."}], "lastModified": "2018-08-20T13:48:27.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ADA2861-2F9F-409F-A652-EA6D24BD9535", "versionEndIncluding": "3.8.8", "versionStartIncluding": "1.6.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}