- Project: Joomla!
- SubProject: CMS
- Severity: Moderate
- Versions: 3.2.0 through 3.2.4, 3.3.0 through 3.3.3
- Exploit type: XSS Vulnerability
- Reported Date: 2014-August-27
- Fixed Date: 2014-September-23
- CVE Number: CVE-2014-6631
Inadequate escaping leads to XSS vulnerability in com_media.
Joomla! CMS versions 3.2.0 through 3.2.4 and 3.3.0 through 3.3.3
Upgrade to version 3.2.5 or 3.3.4
The JSST at the Joomla! Security Centre.
Reported By: Dingjie (Daniel) Yang