An issue was discovered in Joomla! before 3.9.4. The JSON handler in com_config lacks input validation, leading to XSS.Referenceshttps://developer.joomla.org/security-centre/772-20190301-core-xss-in-com-config-json-handlerhttp://www.securityfocus.com/bid/107374
