3 matches found
Joomla 4.0.x < 4.2.7 Multiple Vulnerabilities (5876-joomla-4-2-7-security-and-bug-fix-release)
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 4.2.7. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the...
CVE-2023-23751 [20230102] - Core - Missing ACL checks for com_actionlogs
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access comactionlogs...
CVE-2023-23751
CVE-2023-23751 affects Joomla! 4.0.0–4.2.4 and arises from a missing ACL check in com_actionlogs, enabling non super-admin users to access it. The connected sources (OSV, NVD, and security trackers) confirm a privilege/ACL bypass rather than a bypass tied to authentication tokens or input handlin...