PT-2020-11997 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.16 Description: An issue was discovered in the image actions of com templates, where missing token checks lead to CSRF. Recommendations: For versions prior to 3.9.16, update to version 3.9.16 or later to resolve...

PT-2020-11994 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.16 Description: An issue was discovered where various actions in com templates lack the required ACL checks, leading to potential attack vectors. Recommendations: For versions prior to 3.9.16, update to version...

Joomla! access control error vulnerability (CNVD-2020-20997)

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. An access control error vulnerability exists in Joomla! versions 2.5.0 through 3.9.15, which stems from a failure to perform ACL checks for various...

PT-2020-20125 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions prior to 3.9.15 Description: A missing CSRF token check in the LESS compiler of com templates causes a CSRF issue. This allows for potential exploitation. Recommendations: For versions prior to 3.9.15, update to version 3.9.1...