Several XSS vulnerabilities in Joomla lead to remote code execution

On February 22, 2024, the Joomla developers published information about several vulnerabilities in the popular content management system that can lead to arbitrary code execution. The Joomla! project has released versions 5.0.3 and 4.4.3, which fix the following issues:

[20240201] - CVE-2024-21722 Core - Insufficient session expiration in MFA management views:

The MFA management features did not properly terminate existing user sessions when a user's MFA methods were modified, so a session established before the change (for example by an attacker who had already hijacked it) kept working afterwards.

[20240202] - CVE-2024-21723 Core - Open redirect in installation application:

Inadequate parsing of URLs could result in an open redirect.

[20240203] - CVE-2024-21724 Core - XSS in media selection fields:

Inadequate input validation for media selection fields leads to XSS vulnerabilities in various extensions.

[20240204] - CVE-2024-21725 Core - XSS in mail address outputs:

Inadequate escaping of mail addresses leads to XSS vulnerabilities in various components.

[20240205] - CVE-2024-21726 Core - Inadequate content filtering within the filter code:

Inadequate content filtering within the filter code leads to XSS vulnerabilities in various components.
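The escaping entry above (CVE-2024-21725) describes a whole class of bug: a value that is assumed to be "just an e-mail address" is written into HTML without escaping. The following PHP is an added illustration written for this article; it is not Joomla's code, not the withheld exploit, and says nothing about where Joomla's bug actually was. The function names, the `mailto:` rendering and the sample inputs are all constructed.

```php
<?php
declare(strict_types=1);

// Added illustration, not Joomla code. Function names and inputs are hypothetical.

// Vulnerable: the stored address is interpolated straight into markup.
// A value containing '"' or '<' closes the href attribute or the text
// node early and becomes live HTML in whatever page lists the address.
function renderMailtoUnsafe(string $email): string
{
    return '<a href="mailto:' . $email . '">' . $email . '</a>';
}

// Hardened: escape for the HTML attribute and text contexts. ENT_QUOTES
// converts both quote characters so the attribute cannot be broken out of;
// ENT_SUBSTITUTE keeps invalid UTF-8 from silently emptying the output
// (without it htmlspecialchars() returns '' for an invalid byte sequence).
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderMailtoSafe(string $email): string
{
    $escaped = escapeHtml($email);
    return '<a href="mailto:' . $escaped . '">' . $escaped . '</a>';
}

// Defence in depth: syntactic validation when the address is stored.
// This is not the fix on its own: RFC-valid local parts may contain
// characters such as "'" that still need escaping in some output contexts.
function isPlausibleEmail(string $email): bool
{
    return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
}

// Constructed sample values: a normal address and a stored XSS payload of
// the kind an attacker with content-editing rights could plant for an
// administrator to render later in the backend.
$samples = [
    'alice@example.com',
    '"><img src=x onerror=alert(document.cookie)>@example.com',
];

foreach ($samples as $input) {
    printf("valid:  %s\n", isPlausibleEmail($input) ? 'yes' : 'no');
    printf("unsafe: %s\n", renderMailtoUnsafe($input));
    printf("safe:   %s\n\n", renderMailtoSafe($input));
}
```

Run with `php example.php`. The second sample fails validation and, in the unsafe renderer, produces an `<img>` element with an `onerror` handler; the safe renderer emits the same bytes as inert text. The point the advisory entry makes is that output escaping has to happen at every place the value is rendered, not only where it is entered.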

These vulnerabilities could have a serious impact, as approximately 2% of all websites use Joomla and millions of sites around the world run this CMS. Cyber security company Sonar, which discovered the issue that led to the XSS vulnerabilities in the popular content management system, said: "Joomla's widespread use and the fact that most installations are publicly accessible make it a valuable target for attackers. Joomla was recently targeted at various organizations via an improper access control vulnerability (CVE-2023-23752)."

The researchers pointed out that an attacker could exploit these issues for remote code execution by tricking an administrator into clicking a malicious link. "While we will not disclose technical details at this time, we want to emphasize the importance of immediate action to mitigate this risk. We strongly recommend that all Joomla users upgrade to the latest version. The first release that addresses the vulnerability is Joomla version 5.0.3/4.4.3," Sonar stated, withholding the technical details for now so as not to hand attackers a working exploit before sites have updated.
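The open redirect entry above (CVE-2024-21723) is attributed to inadequate URL parsing, which is exactly the kind of flaw a "click this link" attack on an administrator chains through. The PHP below is an added illustration for this article, not Joomla's code and not its actual bug: a common "starts with a slash" return-URL check beside a stricter parse-based one, run over constructed inputs. All function names and sample URLs are hypothetical.

```php
<?php
declare(strict_types=1);

// Added illustration, not Joomla code. Function names and inputs are hypothetical.

// Weak check found in many applications: treat anything starting with "/"
// as a same-site path. Protocol-relative URLs ("//host/...") also start
// with "/", so they pass and the browser leaves the site.
function isLocalRedirectWeak(string $url): bool
{
    return $url !== '' && $url[0] === '/';
}

// Stricter: reject backslashes, control characters and whitespace first
// (browsers treat "/\host" like "//host"; some parsers strip leading
// whitespace), then require a parsed URL with no scheme and no host and a
// single leading slash.
function isLocalRedirectStrict(string $url): bool
{
    if ($url === '' || $url[0] !== '/') {
        return false;
    }
    if (preg_match('/[\\\\\x00-\x20]/', $url) === 1) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return false;
    }
    $path = $parts['path'] ?? '';
    return str_starts_with($path, '/') && !str_starts_with($path, '//');
}

// Resolve a "return to" parameter the way a login handler would, falling
// back to a fixed page whenever the supplied value is not a local path.
function safeReturnUrl(string $candidate, string $fallback = '/index.php'): string
{
    return isLocalRedirectStrict($candidate) ? $candidate : $fallback;
}

// Constructed inputs: one legitimate path and several classic bypasses.
$inputs = [
    '/index.php?option=com_content',
    '//attacker.example/login',
    '/\\attacker.example',
    '///attacker.example',
    '/ /attacker.example',
    'https://attacker.example/',
];

foreach ($inputs as $url) {
    printf("%-32s weak=%-4s strict=%-4s -> %s\n",
        $url,
        isLocalRedirectWeak($url) ? 'pass' : 'fail',
        isLocalRedirectStrict($url) ? 'pass' : 'fail',
        safeReturnUrl($url));
}
```

Only the first input passes the strict check; the weak check lets every slash-prefixed bypass through. If an application genuinely needs to redirect to other hosts, the right extension is an explicit host allowlist compared against `parse_url()`'s `host` component, never a substring or prefix match on the raw string.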
