CVE-2007-4779

medium

Description

Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/36425

http://www.securityfocus.com/archive/1/478451/100/0/threaded

http://www.joomla.org/content/view/3831/1/

http://securityreason.com/securityalert/3108

http://osvdb.org/38416

Details

Source: Mitre, NVD

Published: 2007-09-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00016