CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
100.0%
The JSST and the Joomla! Security Center report:
[20151001] - Core - SQL Injection
Inadequate filtering of request data leads to a SQL Injection
vulnerability.
[20151002] - Core - ACL Violations
Inadequate ACL checks in com_contenthistory provide potential read
access to data which should be access restricted.