CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27912 – [20221001] - Core - Debug Mode leaks full request payloads including passwords
https://notcve.org/view.php?id=CVE-2022-27912
An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests. Se ha detectado un problema en Joomla! versiones 4.0.0 hasta 4.2.3. • https://developer.joomla.org/security-centre/885-20221001-core-disclosure-of-critical-information-in-debug-mode.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27911 – [20220801] - Core - Multiple Full Path Disclosures because of missing '_JEXEC or die check'
https://notcve.org/view.php?id=CVE-2022-27911
An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes. Se ha detectado un problema en Joomla! Versión 4.2.0. • https://developer.joomla.org/security-centre/884-20220801-core-multiple-full-path-disclosures-because-of-missing-jexec-or-die-check.html •