- Project: Joomla!
- SubProject: CMS
- Severity: Low
- Versions: 1.5.0 through 3.6.5
- Exploit type: XSS
- Reported Date: 2017-February-22
- Fixed Date: 2017-April-25
- CVE Number: CVE-2017-7986
Inadequate filtering of specific HTML attributes leads to XSS vulnerabilities in various components.
Joomla! CMS versions 1.5.0 through 3.6.5
Upgrade to version 3.7.0
The JSST at the Joomla! Security Centre.
Reported By: Fortinet's FortiGuard Labs