CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27912 – [20221001] - Core - Debug Mode leaks full request payloads including passwords
https://notcve.org/view.php?id=CVE-2022-27912
25 Oct 2022 — An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests. Se ha detectado un problema en Joomla! versiones 4.0.0 hasta 4.2.3. • https://developer.joomla.org/security-centre/885-20221001-core-disclosure-of-critical-information-in-debug-mode.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27911 – [20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'
https://notcve.org/view.php?id=CVE-2022-27911
31 Aug 2022 — An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes. Se ha detectado un problema en Joomla! Versión 4.2.0. • https://developer.joomla.org/security-centre/884-20220801-core-multiple-full-path-disclosures-because-of-missing-jexec-or-die-check.html •