Description
Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error pages.
Solution(s)
joomla-upgrade-3_9_26
Referenceshttps://attackerkb.com/topics/cve-2021-26030 CVE - 2021-26030 http://developer.joomla.org/security-centre/850-20210401-core-escape-xss-in-logo-parameter-error-pages.html