CVE-2018-6377

In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox (CVSS:4.3) (Last…

CVE-2017-16633

In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site’s custom fields to unauthorized users. (CVSS:4.0) (Last Update:2017-11-28)

CVE-2017-14596

In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. (CVSS:5.0) (Last Update:2017-09-27)

CVE-2017-11612

In Joomla! before 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components. (CVSS:4.3) (Last Update:2017-07-31)