Access Control: Joomla JLex Review 6.0.1 - Cross-Site Scripting¶
Identifier:
joomla_jlex_xss
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description¶
Joomla JLex Review 6.0.1 is vulnerable to reflected XSS, allowing attackers to send malicious links that can steal session tokens or login credentials when victims click them.
How we test: We test for reflected XSS vulnerabilities in Joomla JLex Review by injecting malicious payloads into request parameters and analyzing responses to detect if scripts are reflected and executed in the browser.
Reference:
- https://www.exploitalert.com/view-details.html?id=39732
- https://www.exploit-db.com/exploits/51645
- https://extensions.joomla.org/extension/jlex-review/
Configuration¶
Example¶
Example configuration:
Reference¶
skip¶
Type : boolean
Skip the test if true.