According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities :
ACL violation in access levels affects Joomla 2.5.0 through 3.8.7
Adding phar files to the upload blacklist affects Joomla 2.5.0 through 3.8.7
Information Disclosure about unpublished tags affects Joomla 3.1.0 through 3.8.7
Installer leak of plain text password to local user affects Joomla 3.0.0 through 3.8.7
XSS Vulnerabilities & additional hardening affects Joomla 3.0.0 through 3.8.7
Filter field in com_fields allowing remote code execution affects Joomla 3.7.0 through 3.8.7
Session deletion race condition affects Joomla 3.0.0 through 3.8.7
Possible XSS attack in the redirect method affects Joomla 3.1.2 through 3.8.7
XSS vulnerability in the media manager affects Joomla 1.5.0 through 3.8.7
Note that the scanner has not tested for these issues but has instead relied only on the applicationβs self-reported version number.
No source data
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11321
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11322
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11323
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11324
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11325
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11326
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11327
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11328
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6378
developer.joomla.org/security-centre/729-20180501-core-acl-violation-in-access-levels.html
developer.joomla.org/security-centre/730-20180502-core-add-phar-files-to-the-upload-blacklist.html
developer.joomla.org/security-centre/731-20180503-core-information-disclosure-about-unpublished-tags.html
developer.joomla.org/security-centre/732-20180504-core-installer-leaks-plain-text-password-to-local-user.html
developer.joomla.org/security-centre/733-20180505-core-xss-vulnerabilities-additional-hardening.html
developer.joomla.org/security-centre/735-20180507-core-session-deletion-race-condition.html
developer.joomla.org/security-centre/737-20180509-core-xss-vulnerability-in-the-media-manager.html
www.joomla.org/announcements/release-news/5730-joomla-3-8-8-release.html