Medium severity4.7OSV Advisory· Published May 22, 2018· Updated Jun 17, 2026
CVE-2018-11328
CVE-2018-11328
Description
An issue was discovered in Joomla! Core before 3.8.8. Under specific circumstances (a redirect issued with a URI containing a username and password when the Location: header cannot be used), a lack of escaping the user-info component of the URI could result in an XSS vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/104269nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040966nvdThird Party AdvisoryVDB Entry
- developer.joomla.org/security-centre/736-20180508-core-possible-xss-attack-in-the-redirect-method.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.