Unrated severityNVD Advisory· Published Jan 12, 2021· Updated Feb 25, 2026
[20210102] - Core - XSS in mod_breadcrumbs aria-label attribute
CVE-2021-23124
Description
An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.
Affected products
1- Range: 3.9.0-3.9.23
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- developer.joomla.org/security-centre/837-20210102-core-xss-in-mod-breadcrumbs-aria-label-attribute.htmlmitrex_refsource_MISCvendor-advisory
News mentions
0No linked articles in our index yet.