vulnerability
Joomla!: [20180101] - Core - XSS vulnerability in module chromes (CVE-2018-6380)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jan 30, 2018 | Jan 31, 2018 | Mar 30, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jan 30, 2018
Added
Jan 31, 2018
Modified
Mar 30, 2026
Description
In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.
Solution
joomla-upgrade-3_8_4
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.