CVE-2017-9934

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-9934
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9934.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-9934
Published
2017-07-17T21:29:00.980Z
Modified
2025-11-20T10:47:25.452323Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Missing CSRF token checks and improper input validation in Joomla! CMS 1.7.3 through 3.7.2 lead to an XSS vulnerability.

References

Affected packages

Git / github.com/joomla/joomla-cms

Affected ranges

Type
GIT
Repo
https://github.com/joomla/joomla-cms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
00d8ab3abd2558501592dc73fecfbe46bb56522f
Last affected
011a6f5cc34bcc67338db2d24828fdff5940cbb6
Last affected
01799923c847684c075e503a9394548ac12e1c72
Last affected
07d6712836c4520963e78b9fda14b14d13ff000c
Last affected
08d6e492682518d33cb779e1c86db8a100a09a6d
Last affected
08e29ee287259bcb22362273a872993e7a3fb039
Last affected
0bafd9f7cd1e90856c3d855f38a295f5e96dc1e4
Last affected
0c8cb24dcedcf34a46cc2ff8b0b9ad8df286aa64
Last affected
0fc3778861fa20c055ea00870c641a06bc692ecb
Last affected
11b927eb40b6646733ead7a9e3cd5f2e68a289b8
Last affected
14f6bddf8afa12dd6c3a7e5c993e5f454c65e928
Last affected
17d33fce172f3cba96cb0dc1acd25eb60c9aaa7a
Last affected
1a0b7a0bddf7572a38bfc4b17092ca83170c77fd
Last affected
1bfe0052e00a628cdf4c53718d11730c0ced0799
Last affected
1e7f9cccbe1a7fba6f80549b953a3f02ad10791f
Last affected
21489b49ec8fe20a9a9ebbc2bb04f19b4df4d5ef
Last affected
254e422955f90e8bb6d89f0229cb089f19229c36
Last affected
25bb3ef080184ced525ed969cf5b055758a7e360
Last affected
296627526281a1ea08b8df8f6b6c684ad78840fe
Last affected
2983d196840a7da2abf62c00ac2f3ee4864179b4
Last affected
2a193a73e059a3dee457e2307a27eb7534177ed9
Last affected
2ab73ee2441027c99ca3bb44dcc593d9e42247df
Last affected
2cd4ef682f0cab6ff03200b79007a25f19c6690e
Last affected
2e0aaf4d8144ec083aead8703b6e1ab2b978ad75
Last affected
390dfb708b0b92a79b90ba92c80b97986ac9f1f9
Last affected
3b9b82b528cde642985258109e8f30c311351f94
Last affected
3c1c8dfb2712d5ac9a72a518c4e2c3ee0a0f6f80
Last affected
46de4a7d3a6043eec30b210f5f53c7d8eeed1cb1
Last affected
47528481d39dcf6f6a2775359baec730fdbe754e
Last affected
4e45f91fdaf662f6844153b3cf3bc87f1defadb1
Last affected
4efbb9a8e572e01e858b39cc06e8e9bffa13d12f
Last affected
59c93a4634e7afe5aa33072f54a13d1683376715
Last affected
5c526f99c6558d94c0f26d5b90f6e6261a7386a2
Last affected
5d47df460150140633e48c18336597ae5955bb90
Last affected
5e75cffd7e7e4939c4e32096bb27a2029b805df5
Last affected
5f4a028207efcfacf4549f97b17a47fc14454c2c
Last affected
5fa0b451ae3a31dfa98ba2bad7559b71c2b8d82a
Last affected
5fe8dfd144649257ea9a7c3ac3d72dba3ff34250
Last affected
6a169d998767373c4e0d21ef37ad04d55d67998d
Last affected
6a99b5dba1da503cad0e7a723ec2f22dfaa30858
Last affected
7234b9598c0bccfb447da5fa20ee72190c58ff6a
Last affected
73cf6502a625e3bf3d628d25311be9939a09db3c
Last affected
74cccf0179148478b64d76588f16b306697639cd
Last affected
797a820228cb0b30248466eb26b886dc694dfd4d
Last affected
7d105613d7a81cd43fc8ed401767935ab7467cff
Last affected
7d7ffbce4f40c75a99c9b5059e50f30fd1771561
Last affected
830c8c54be64f9d9f6fc00bf6f0f03447d483053
Last affected
8481553ba87f87422f0dd614b3514a1ce13014d4
Last affected
8665974033e66f38c69bb86baba9e456dffdb6c2
Last affected
877b3e1b02644779d5451ed374a6778bd34f42bc
Last affected
8a908a506fab9b5b58cf6672ade219f73586e635
Last affected
8fbc4fb3a2fad44c8c82152a82084d826e3df606
Last affected
91fd776aa65ce53a19e2e9bcccbaa2133f5c6cd6
Last affected
925c3fa5d512b9aff8c5b470804d282fb1b70afb
Last affected
963cd074abaf7c169dc2efdec2a823fbdbebf68c
Last affected
98bd1442bfb598ab94802315b142bb8eb08a9de2
Last affected
995db72ff4eaa544e38b4da3630b7a1ac0146264
Last affected
9a32ab9f8a262de6a360fa40205998c6d2d8a452
Last affected
aa415ea6122f44e95970b2160404e52a54ea85b2
Last affected
acb7a6384561a8d5917fa9854c85f52cddec9550
Last affected
b023acca2aa0282b3bbcfebf02194bf60aa08ffc
Last affected
b2e5d14718d0f8ca833bd95913247cf405cde205
Last affected
b4a5288ed50cbc5e0ae4da3f8fcdc49d633a7b33
Last affected
b6f66c99da6757381c2aa2b276bc259ad7b40f0b
Last affected
b7c37b477b0231cfdbf1251f25a9096a173d3f58
Last affected
b855f8885dec93ad439136f00b07a7ebf49af52b
Last affected
b95f8ac2bf791c3031bb332daca7f374855587b9
Last affected
ba710f28187b0012396c385e268f1fb9f250ee22
Last affected
bb1010ae038f6cbaf4aa78760b394bb13b6339ad
Last affected
bdaeb18559672885f4c80487cec21473b62fe43b
Last affected
c1acb7e6973bd549fe35a02659fe851ff1a37dfe
Last affected
c508e4f2110ab231a54eb979c26676b0d6793ab5
Last affected
c8cc782f1c387679736c56e9e88d7530b1107805
Last affected
ca454d9bdfb6cb7813625035323f14e20cbe9ed7
Last affected
ca6cb8e34f611588115b31ce96d13928e0f68e8f
Last affected
cab78cb7cb2357357f13459247e0140ba7626f2c
Last affected
d53146a31d303a10b8cc4fa78a6fb16770ae50e7
Last affected
d70a0fe1521e9ee4130ae523e290449b8e549658
Last affected
d9264d8e5179b6a4b938e201b1f35ea8f13159f1
Last affected
dca641f67e8e341bf0ef74f775a5e81ad3ccf384
Last affected
dd0228ad970a9a06d12cfd4b92f1ff943c13c792
Last affected
ddbcb33a40a1b901c0bcd3ed334a8a25554965a8
Last affected
e004a7dd8e567beda90e9ee85311f3f21746c0b2
Last affected
e267106d8a7d164ef123c351e24e0dff14b1c2b9
Last affected
e33857bbe74ea8e062613902869415bfd4afcb2b
Last affected
e721e23c30090a1e7c7dc95de4269d79d6ce9a6b
Last affected
e912c5abec3650896cbf0ea4c68ec3ca79b84826
Last affected
ec9c32deeff8c79648ca80edd35c107b1004d1df
Last affected
ece8118d1db3b729ea051a1ce90d3e28473086e1
Last affected
ee83a731bc6e4499c050da202de353770e88805b
Last affected
f2a087a10ae7b799e469d8296063c946a60131d3
Last affected
f2be537cebf8ab5b37faa1c6605ab1a07c56725d
Last affected
f2e0aa3be797e7398bc8920c391c1185514662f2
Last affected
fa5645208eefd70f521cd2e4d53d5378622133d8
Last affected
fa7d085a6d1b5a95ab5c10d67464be26c5ffd9ae
Last affected
fb69bf029e5e9e7b37e68d169eb0d6a9b33cdb44
Last affected
fba560de0f9f662af3f342d401c76c47097a06be
Last affected
fd72a9fb0ee8f54513ca436c27da7c4d8fb8feed

Affected versions

1.*

1.7.3

2.*

2.5.0
2.5.0_RC1
2.5.0_beta1
2.5.0_beta2
2.5.1
2.5.2
2.5.3