Joomla: >> Joomla! >> 3.0.0 Security Vulnerabilities
An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filtering of feed fields could lead to xss issues.
CVSS Score
6.1
EPSS Score
0.023
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media allowed paths that are not intended for image uploads
CVSS Score
7.5
EPSS Score
0.653
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow unauthorized change of the category for an article.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate filtering of form contents could allow to overwrite the author field.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-03-04
An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
CVSS Score
5.3
EPSS Score
0.0
Published
2021-01-12
An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-12-28
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-12-28
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-12-28
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.
CVSS Score
7.5
EPSS Score
0.0
Published
2020-12-28