JCE Admin Component for Joomla Multiple Cross Site Scripting Vulnerabilities

JCE Admin Component is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks.

JCE Admin 1.1.0 beta 2 is vulnerable to this issue; prior versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus