Unrated severityNVD Advisory· Published Oct 7, 2012· Updated Jun 16, 2026
CVE-2011-4910
CVE-2011-4910
Description
Cross-site scripting (XSS) vulnerability in Joomla! before 1.5.12 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*range: <=1.5.11
- cpe:2.3:a:joomla:joomla\!:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:1.5.9:*:*:*:*:*:*:*
- (no CPE)range: <1.5.12
Patches
Vulnerability mechanics
References
6- secunia.com/advisories/35668nvdVendor Advisory
- developer.joomla.org/security/news/299-20090605-core-frontend-xss-phpself-not-properly-filtered.htmlnvd
- www.openwall.com/lists/oss-security/2011/12/25/3nvd
- www.openwall.com/lists/oss-security/2011/12/25/8nvd
- www.osvdb.org/55590nvd
- www.securityfocus.com/bid/35544nvd
News mentions
0No linked articles in our index yet.