CVE-2019-7739
First published: Tue Feb 12 2019(Updated: )
An issue was discovered in Joomla! before 3.9.3. The "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Joomla | >=2.5.0<=3.9.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-7739?
The severity of CVE-2019-7739 is classified as moderate due to potential configuration confusion.
How do I fix CVE-2019-7739?
To fix CVE-2019-7739, upgrade Joomla! to version 3.9.3 or later.
What issue does CVE-2019-7739 describe in Joomla!?
CVE-2019-7739 describes a problem where the 'No Filtering' textfilter in Joomla! can override child settings unexpectedly.
Which versions of Joomla! are affected by CVE-2019-7739?
Joomla! versions prior to 3.9.3 and starting from 2.5.0 up to and including 3.9.2 are affected by CVE-2019-7739.
Is the behavior of the textfilter in CVE-2019-7739 intended or accidental?
The behavior of the textfilter described in CVE-2019-7739 is intended but may not be clear to users due to lack of explanatory messaging.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/joomla
- canonical/joomla
- version/joomla/2.5.0
- version/joomla/3.9.2