Security Advisory
CVE-2021-23124
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of escaping in mod_breadcrumbs aria-label attribute allows XSS attacks.