CVE-2019-12764

CVE-2019-12764

EPSS 1.1%

An issue was discovered in Joomla! before 3.9.7. The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://developer.joomla.org/security-centre/785-20190603-core-acl-hardening-of-com-joomlaupdate http://www.securityfocus.com/bid/108729