In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkbox (CVSS:4.3) (Last…


In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site’s custom fields to unauthorized users. (CVSS:4.0) (Last Update:2017-11-28)


In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. (CVSS:5.0) (Last Update:2017-09-27)


In Joomla! before 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components. (CVSS:4.3) (Last Update:2017-07-31)