Joomla! Security Vulnerabilities and Issues — Joomla! CVE List

Lucene search

JoomlaJoomla!

5 matches found

CVE•added 2021/07/07 11:15 a.m.•161 views

CVE-2021-26036

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table.

7.5CVSS7.3AI score0.00009EPSS

CVE•added 2021/07/07 11:15 a.m.•110 views

CVE-2021-26038

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.

7.5CVSS7.4AI score0.0001EPSS

CVE•added 2021/07/07 11:15 a.m.•62 views

CVE-2021-26035

An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the rules field of the JForm API leads to a XSS vulnerability.

6.1CVSS6.1AI score0.02166EPSS

CVE•added 2021/07/07 11:15 a.m.•57 views

CVE-2021-26037

An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.

5.3CVSS5.6AI score0.00009EPSS

CVE•added 2021/07/07 11:15 a.m.•57 views

CVE-2021-26039

An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XSS vulnerability.

6.1CVSS6.1AI score0.02166EPSS