ASA-2019-00133 – Joomla: Cross-Site Scripting (XSS) in com_config JSON handler Posted on March 14, 2019March 14, 2019 by Allele Security Intelligence in Alerts The JSON handler in com_config lacks input validation, leading to XSS vulnerability.