CVE-2024-21723 [20240202] - Core - Open redirect in installation application

🗓️ 20 Feb 2024 16:23:25Reported by JoomlaType

Open redirect in Core installatio

Reporter	Title	Published	Views	Family All 17
BDU FSTEC	The vulnerability of the Joomla! content management system lies in the redirection of URLs to an unreliable website, allowing a hacker to redirect users to any given URL address.	27 Feb 202400:00	–	bdu_fstec
Circl	CVE-2024-21723	22 Feb 202414:40	–	circl
CNNVD	CMS Security Vulnerability	29 Feb 202400:00	–	cnnvd
CVE	CVE-2024-21723	20 Feb 202416:23	–	cve
Joomla! Vulnerable Extensions List	[20240202] - Core - Open redirect in installation application	8 Nov 202300:00	–	joomla
Tenable Nessus	Joomla 1.5.x < 3.10.15 / 4.0.x < 4.4.3 / 5.0.x < 5.0.3 Multiple Vulnerabilities (5904-joomla-5-0-3-and-4-4-3-security-and-bug-fix-release)	20 Feb 202400:00	–	nessus
Tenable Nessus	Joomla! 5.x < 5.0.3 Multiple Vulnerabilities	21 Feb 202400:00	–	nessus
Tenable Nessus	Joomla! 1.5.x < 4.4.3 Multiple Vulnerabilities	21 Feb 202400:00	–	nessus
Malwarebytes	Joomla! patches XSS flaws that could lead to remote code execution	23 Feb 202416:11	–	malwarebytes
NCSC	Vulnerabilities fixed in Joomla!	22 Feb 202400:00	–	ncsc

[
  {
    "defaultStatus": "unaffected",
    "product": "Joomla! CMS",
    "vendor": "Joomla! Project",
    "versions": [
      {
        "status": "affected",
        "version": "1.5.0-3.10.14"
      },
      {
        "status": "affected",
        "version": "4.0.0-4.4.2"
      },
      {
        "status": "affected",
        "version": "5.0.0-5.0.2"
      }
    ]
  }
]

Source	Link
developer	www.developer.joomla.org/security-centre/926-20240202-core-open-redirect-in-installation-application.html

04 Dec 2024 16:09Current

6.8Medium risk

Vulners AI Score6.8

EPSS0.00537

CWE-601