Access Control: Joomla JVTwitter - Cross-Site Scripting¶
Identifier:
joomla_jvtwitter_xss
Scanner(s) Support¶
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description¶
Joomla JVTwitter is vulnerable to reflected XSS, allowing attackers to send malicious links that can steal session tokens or login credentials when victims click them.
How we test: We test for reflected XSS vulnerabilities in Joomla JVTwitter by injecting malicious payloads into request parameters and analyzing responses to detect if scripts are reflected and executed in the browser.
Reference:
- https://buaq.net/go-44433.html
- https://cxsecurity.com/issue/WLB-2020110041
- https://extensions.joomla.org/
Configuration¶
Example¶
Example configuration:
Reference¶
skip¶
Type : boolean
Skip the test if true.