CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35610 – [20201101] - Core - com_finder ignores access levels on autosuggest
https://notcve.org/view.php?id=CVE-2020-35610
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms. Se detectó un problema en Joomla! versiones 2.5.0 hasta 3.9.22. • https://developer.joomla.org/security-centre/828-20201101-core-com-finder-ignores-access-levels-on-autosuggest.html •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-24598
https://notcve.org/view.php?id=CVE-2020-24598
An issue was discovered in Joomla! before 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect. Se detectó un problema en Joomla! versiones anteriores a 3.9.21. • https://developer.joomla.org/security-centre/825-20200802-core-open-redirect-in-com-content-vote-feature • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15699
https://notcve.org/view.php?id=CVE-2020-15699
An issue was discovered in Joomla! through 3.9.19. Missing validation checks on the usergroups table object can result in a broken site configuration. Se detectó un problema en Joomla! versiones hasta el 3.9.19. • https://developer.joomla.org/security-centre/819-20200702-core-missing-checks-can-lead-to-a-broken-usergroups-table-record.html • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15698
https://notcve.org/view.php?id=CVE-2020-15698
An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials Se detectó un problema en Joomla! versiones hasta el 3.9.19. Un filtrado inadecuado en la pantalla de información del sistema podría exponer las credenciales de Redis o del proxy • https://developer.joomla.org/security-centre/823-20200706-core-system-information-screen-could-expose-redis-or-proxy-credentials.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15697
https://notcve.org/view.php?id=CVE-2020-15697
An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users. Se detectó un problema en Joomla! versiones hasta el 3.9.19. • https://developer.joomla.org/security-centre/821-20200704-core-variable-tampering-via-user-table-class.html • CWE-732: Incorrect Permission Assignment for Critical Resource •