CVE-2018-10727

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
29/10/2019
Last modified:
31/10/2019

Description

Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web script via the HTTP Referer header.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:fabrikar:fabrik:*:*:*:*:*:joomla\!:*:* 3.8.1 (including)


References to Advisories, Solutions, and Tools