CVE-2024-27186

CVE-2024-27186: [20240803] - Core - XSS in HTML Mail Templates

Vendor Joomla! Project
Product Joomla! CMS
Weakness CWE-79 · XSS
Published August 20, 2024
Last update November 26, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

The mail template feature lacks an escaping mechanism, causing XSS vectors in multiple extensions.

Key dates

02Disclosure timeline

August 20, 2024 CVE published
November 26, 2024 Record updated