Access Control: Joomla jMarket 5.15 - Cross-Site Scripting¶
Identifier:
joomla_jmarket_xss
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description¶
Joomla jMarket 5.15 is vulnerable to reflected XSS, allowing attackers to send malicious links that can steal session tokens or login credentials when victims click them.
How we test: We test for reflected XSS vulnerabilities in Joomla jMarket by injecting malicious payloads into request parameters and analyzing responses to detect if scripts are reflected and executed in the browser.
Reference:
- https://packetstormsecurity.com/files/168581/Joomla-jMarket-5.15-Cross-Site-Scripting.html
- https://cxsecurity.com/issue/WLB-2022100002
- https://extensions.joomla.org/
Configuration¶
Example¶
Example configuration:
Reference¶
skip¶
Type : boolean
Skip the test if true.