[20190603] - Core - ACL hardening of com_joomlaupdate
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Low Severity: Low Versions: 3.8.13 through 3.9.6 Exploit type: Incorrect Access Control Reported Date: 2019-April-10 Fixed Date: 2019-June-11 CVE Number: CVE-2019-12764 Description The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users. Affected Installs Joomla! CMS versions 3.8.13 through 3.9.6 Solution Upgrade to version 3.9.7 Contact The JSST at the Joomla! Security Centre.
- Zugriffe: 644