Page 9 of 186 results (0.009 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! through 3.9.19. Missing validation checks on the usergroups table object can result in a broken site configuration. Se detectó un problema en Joomla! versiones hasta el 3.9.19. • https://developer.joomla.org/security-centre/819-20200702-core-missing-checks-can-lead-to-a-broken-usergroups-table-record.html • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials Se detectó un problema en Joomla! versiones hasta el 3.9.19. Un filtrado inadecuado en la pantalla de información del sistema podría exponer las credenciales de Redis o del proxy • https://developer.joomla.org/security-centre/823-20200706-core-system-information-screen-could-expose-redis-or-proxy-credentials.html •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users. Se detectó un problema en Joomla! versiones hasta el 3.9.19. • https://developer.joomla.org/security-centre/821-20200704-core-variable-tampering-via-user-table-class.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Joomla! through 3.9.19. Lack of input filtering and escaping allows XSS attacks in mod_random_image. Se detectó un problema en Joomla! versiones hasta el 3.9.19. • https://developer.joomla.org/security-centre/822-20200705-core-escape-mod-random-image-link.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

In Joomla! before 3.9.19, lack of input validation in the heading tag option of the "Articles - Newsflash" and "Articles - Categories" modules allows XSS. En Joomla! versiones anteriores a 3.9.19, la falta de comprobación de entrada en la opción heading tag de los módulos "Articles - Newsflash" y "Articles - Categories" permite un ataque de tipo XSS. • https://developer.joomla.org/security-centre/813-20200601-core-xss-in-modules-heading-tag-option • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •