E18-5iwa1
CVSS:
6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
False Positive:
f
Variants:
6
Year:
2018
Description
This strike exploits a cross-site scripting vulnerability in Joomla! CMS equipped with Gridbox extension.
This vulnerability is due to inadequate input filtering in the web interface, while parsing the input from 'app' and 'category' parameters.
By exploiting this vulnerability an attacker could cause arbitrary HTML/script code to be executed by the target user's browser or stole the victim's cookie.