Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0.
CVSS
No CVSS.
References
No reference.
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: CERT-PL
Published: 2024-06-28T11:29:03.154Z
Updated: 2024-07-02T22:01:41.843Z
Reserved: 2024-06-07T06:09:43.874Z
Link: CVE-2024-5737
JSON object: View
NVD Information
No data.
Redhat Information
No data.
CWE