2 matches found
CVE-2018-17856
Summary: CVE-2018-17856 affects Joomla! before 3.8.13. The com_joomlaupdate component permits arbitrary code execution due to a default ACL configuration that allows Administrator-level users to access com_joomlaupdate. This leads to remote code execution with high impact; CVSSv3 base score 7.2 (...
CVE-2018-17856
An issue was discovered in Joomla! before 3.8.13. comjoomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access comjoomlaupdate and trigger code execution...