Security Advisory
CVE-2020-13761
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In Joomla! before 3.9.19, lack of input validation in the heading tag option of the "Articles - Newsflash" and "Articles - Categories" modules allows XSS.