CVE-2014-0794

Cross-site scripting (XSS) vulnerability in JV Comment (com_jvcomment) 3.0.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the id parameter in a comment.like action. (CVSS:4.3) (Last Update:2014-02-24)

Leave a Reply