CVE-2022-27911: [20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'
First published: Wed Aug 31 2022(Updated: )
An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.
Credit: security@joomla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Joomla Joomla\! | =4.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-27911.
What is the severity of CVE-2022-27911?
The severity of CVE-2022-27911 is medium (5.3).
What is the affected software version?
The affected software version is Joomla 4.2.0.
What is the impact of CVE-2022-27911?
CVE-2022-27911 can result in multiple full path disclosures.
Is there a fix available for CVE-2022-27911?
Yes, a fix is available for CVE-2022-27911. Please refer to the official Joomla security advisory for more information.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/title
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/joomla
- canonical/joomla joomla\!
- version/joomla joomla\!/4.2.0