15 matches found
BIT-JOOMLA-2023-23751 [20230102] - Core - Missing ACL checks for com_actionlogs
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access comactionlogs...
BIT-JOOMLA-2020-8421
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in comactionlogs...
CVE-2023-23751
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access comactionlogs...
CVE-2023-23751
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access comactionlogs...
Design/Logic Flaw
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access comactionlogs...
CVE-2023-23751 [20230102] - Core - Missing ACL checks for com_actionlogs
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access comactionlogs...
[20230102] - Core - Missing ACL checks for com_actionlogs
Joomla! CMS versions 4.0.0-4.2.6...
Joomla! 3.9.0 - 3.9.14 XSS Vulnerability
Joomla! is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla";...
CVE-2020-8421
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in comactionlogs...
CVE-2020-8421
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in comactionlogs...
Cross site scripting
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in comactionlogs...
CVE-2020-8421
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in comactionlogs...
CVE-2020-8421
CVE-2020-8421 affects Joomla! core prior to 3.9.15, specifically the com_actionlogs component. The issue is described as inadequate escaping of usernames, which enables cross-site scripting (XSS) attacks. The vulnerability is present in Joomla! 3.x up to version 3.9.14, with a fix introduced in 3...
[20200103] - Core - XSS in com_actionlogs
Inadequate escaping of usernames allow XSS attacks in comactionlogs...
Joomla 3.6.x < 3.9.7 Multiple Vulnerabilites
According to its self-reported version, the instance of Joomla! running on the remote web server is 3.6.x prior to 3.9.7. It is, therefore, affected by the following vulnerabilities: - Joomla versions 3.8.13 prior to 3.9.7 are affected by a vulnerability where a non-admin user may manipulate the...