Joomla! Developer Network

  • Project: Joomla!
  • SubProject: CMS
  • Severity: Moderate
  • Versions: 3.1.2 through 3.2.2
  • Exploit type: XSS Vulnerability
  • Reported Date: 2014-March-04
  • Fixed Date: 2014-March-06
  • CVE Number: Pending


Inadequate escaping leads to XSS vulnerability in com_contact.

Affected Installs

Joomla! CMS versions 3.1.2 through 3.2.2


Upgrade to version 3.2.3


The JSST at the Joomla! Security Center.

Reported By: ??

Joomla! CMS

Current Release 

View known Issues

Development Status

Nightly CMS builds for developers are available for download

Joomla! Framework

Joomla! Reading

Joomla! Programming

Joomla! Programming

Mark Dexter & Louis Landry
Joomla! Templates

Joomla! Templates

Angie Radtke