First published: Mon Dec 28 2020(Updated: )
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.
Credit: security@joomla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Joomla Joomla\! | >=2.5.0<=3.9.22 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-35610.
The severity level of CVE-2020-35610 is high with a severity value of 7.5.
Joomla versions 2.5.0 through 3.9.22 are affected by CVE-2020-35610.
CVE-2020-35610 allows unauthorized users to access restricted information through the autosuggestion feature of com_finder in Joomla.
Yes, Joomla has released a security patch to fix CVE-2020-35610. It is recommended to update to the latest version of Joomla.