First published: Wed Apr 10 2019(Updated: )
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Joomla Joomla\! | >=3.2.0<=3.9.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.