CVE-2021-23123
[20210101] - Core - com_modules exposes module names
An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
Affected products
Joomla! Project · Joomla! CMSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →