VYPR
← All advisories
Unrated severityNVD Advisory· Published May 3, 2013· Updated Apr 29, 2026

CVE-2013-3059

CVE-2013-3059

Description

Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

15
  • Joomla/Joomla!14 versions
    cpe:2.3:a:joomla:joomla\!:2.5.0:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:joomla:joomla\!:2.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.8:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:2.5.9:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:joomla:joomla\!:3.0.3:*:*:*:*:*:*:*
  • Joomla/Votingllm-create
    Range: >=2.5.0,<2.5.10 || >=3.0.0,<3.0.4

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.