CVE-2009-0378

Description

Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action.

Affected products

• Joomla! / com_beamospetition1.0.12 – 1.0.12

References

• MISChttp://www.securityfocus.com/archive/1/500250/100/0/threaded
• EXPLOIThttps://www.exploit-db.com/exploits/7847
• MISChttp://www.securityfocus.com/bid/33391