Joomla Huge-IT Slideshow Extension Cross Site Scripting Vulnerability (CVE-2016-1000118)

  Severity: MEDIUM

  DESCRIPTION

A Cross Site Scripting (XSS) vulnerability has been found in the Huge-IT Joomla Extension. By using this vulnerability an attacker can inject malicious JavaScript code into the application, which will execute within the browser of any logged-in admin who views the page with injected code.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1000552