CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2019-12765 – Joomla! 3.9.0 < 3.9.7 - CSV Injection
https://notcve.org/view.php?id=CVE-2019-12765
An issue was discovered in Joomla! before 3.9.7. The CSV export of com_actionslogs is vulnerable to CSV injection. Se descubrió un problema en Joomla anterior 3.9.7 la exportación CSV de com_actionslogs es vulnerable a la inyección de CSV. • https://www.exploit-db.com/exploits/48198 http://www.securityfocus.com/bid/108736 https://developer.joomla.org/security-centre/783-20190601-core-csv-injection-in-com-actionlogs • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12764
https://notcve.org/view.php?id=CVE-2019-12764
An issue was discovered in Joomla! before 3.9.7. The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users. Se descubrió un problema en Joomla! Anterior del 3.9.7. • http://www.securityfocus.com/bid/108729 https://developer.joomla.org/security-centre/785-20190603-core-acl-hardening-of-com-joomlaupdate •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11809
https://notcve.org/view.php?id=CVE-2019-11809
An issue was discovered in Joomla! before 3.9.6. The debug views of com_users do not properly escape user supplied data, which leads to a potential XSS attack vector. Un problema fue descubierto en Joomla antes del 3.9.6. Las vistas de depuración de com_users no escapan correctamente a los datos proporcionados por el usuario, lo que conduce a un posible vector de ataque XSS. • https://developer.joomla.org/security-centre/780-20190501-core-xss-in-com-users-acl-debug-view • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 2%CPEs: 218EXPL: 4CVE-2019-11358 – jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
https://notcve.org/view.php?id=CVE-2019-11358
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propiedad enumerable __proto__, podría extender el Object.prototype nativo. A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. • https://github.com/isacaya/CVE-2019-11358 https://github.com/ossf-cve-benchmark/CVE-2019-11358 https://github.com/Snorlyd/https-nj.gov---CVE-2019-11358 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html http://packetstormsecurity.c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10946
https://notcve.org/view.php?id=CVE-2019-10946
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users. Se descubrió un problema en Joomla! versión anterior al 3.9.5. • https://developer.joomla.org/security-centre/778-20190402-core-helpsites-refresh-endpoint-callable-for-unauthenticated-users • CWE-306: Missing Authentication for Critical Function •