7.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
35.4%
An issue was discovered in Joomla! before 3.9.5. The “refresh list of helpsites” endpoint of com_users lacks access checks, allowing calls from unauthenticated users.
developer.joomla.org/security-centre/778-20190402-core-helpsites-refresh-endpoint-callable-for-unauthenticated-users