CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27912 – [20221001] - Core - Debug Mode leaks full request payloads including passwords
https://notcve.org/view.php?id=CVE-2022-27912
25 Oct 2022 — An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests. Se ha detectado un problema en Joomla! versiones 4.0.0 hasta 4.2.3. • https://developer.joomla.org/security-centre/885-20221001-core-disclosure-of-critical-information-in-debug-mode.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27911 – [20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'
https://notcve.org/view.php?id=CVE-2022-27911
31 Aug 2022 — An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes. Se ha detectado un problema en Joomla! Versión 4.2.0. • https://developer.joomla.org/security-centre/884-20220801-core-multiple-full-path-disclosures-because-of-missing-jexec-or-die-check.html •
CVSS: 6.1EPSS: 0%CPEs: 218EXPL: 7CVE-2019-11358 – jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection
https://notcve.org/view.php?id=CVE-2019-11358
19 Apr 2019 — jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propi... • https://github.com/isacaya/CVE-2019-11358 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •