Intrusion Prevention

Joomla!.Line.Feed.Character.XSS

Description

This indicates an attack attempt against a Cross-Site Scripting (XSS) vulnerability in Joomla! CMS.
The vulnerability is caused by inadequate input filtering of line feed character which leads to XSS vulnerabilities in various components. A remote attacker may be able to exploit this to execute arbitrary script code within the context of the application.

Affected Products

Joomla! 3.0.0 through 3.8.7

Impact

System Compromise : Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Upgrade to the latest version, available from the website.
https://developer.joomla.org/security-centre/733-20180505-core-xss-vulnerabilities-additional-hardening.html

CVE References

CVE-2018-11326