5.3
CVE-2023-23752
- EPSS 94.53%
- Published 16.02.2023 17:15:10
- Last modified 07.02.2025 14:58:09
- Source security@joomla.org
- Teams watchlist Login
- Open Login
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
Data is provided by the National Vulnerability Database (NVD)
08.01.2024: CISA Known Exploited Vulnerabilities (KEV) Catalog
Joomla! Improper Access Control Vulnerability
VulnerabilityJoomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints.
DescriptionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Required actions| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 94.53% | 1 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.