BIT-JOOMLA-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints

An improper access check allows unauthorized access to comconfig webservice endpoints...

CVE-2026-35223

An improper access check allows unauthorized access to comconfig webservice endpoints...

CVE-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints

An improper access check allows unauthorized access to comconfig webservice endpoints...

CVE-2026-35223

An improper access check allows unauthorized access to comconfig webservice endpoints...

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability may allow unauthorized access to the comconfig web service endpoints...

Joomla! 3.0.x < 3.9.4 Multiple Vulnerabilities

According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - Lack of ACL checks in sample data plugins affects Joomla 3.8.0 through 3.9.3 - XSS in comconfig JSON handler affects Joomla 3.2.0 through 3.9.3 - XSS in itemtitle layout...

CVE-2019-9712

CVE-2019-9712 concerns Joomla! core prior to version 3.9.4, where the JSON handler in component com_config lacks input validation, enabling cross-site scripting (XSS). The issue is documented across multiple sources (NVD entry, CNVD, OSV, and vendor advisories). Implication: an attacker could cra...

[20190301] - Core - XSS in com_config JSON handler

The JSON handler in comconfig lacks input validation, leading to XSS vulnerability...