First published: Mon Dec 28 2020
An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.
Credit: security@joomla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Joomla Joomla! | >=1.7.0, <=3.9.22 | |
The vulnerability ID for this Joomla issue is CVE-2020-35616.
The severity of CVE-2020-35616 is high with a CVSS score of 7.5.
CVE-2020-35616 is a vulnerability in Joomla 1.7.0 through 3.9.22 that allows write ACL violations due to lack of input validation in handling ACL rulesets.
CVE-2020-35616 can result in write ACL violations, potentially allowing unauthorized users to modify or delete sensitive data in Joomla.
To fix CVE-2020-35616, it is recommended to update Joomla to version 3.9.23 or later, which includes a patch for this vulnerability.