2 matches found
Joomla! 3.x < 3.9.4 Multiple Vulnerabilities
According to its self-reported version number, the Joomla! installation running on the remote web server is prior to 3.9.4. It is, therefore, affected by multiple vulnerabilities: - A logic error exists in sample data plugins that allows remote attackers to gain unauthorized access to unspecified...
CVE-2019-9712
CVE-2019-9712 concerns Joomla! core prior to version 3.9.4, where the JSON handler in component com_config lacks input validation, enabling cross-site scripting (XSS). The issue is documented across multiple sources (NVD entry, CNVD, OSV, and vendor advisories). Implication: an attacker could cra...