5.3
CVE-2023-23752
- EPSS 94.53%
- Veröffentlicht 16.02.2023 17:15:10
- Zuletzt bearbeitet 07.02.2025 14:58:09
- Quelle security@joomla.org
- Teams Watchlist Login
- Unerledigt Login
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
08.01.2024: CISA Known Exploited Vulnerabilities (KEV) Catalog
Joomla! Improper Access Control Vulnerability
SchwachstelleJoomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints.
BeschreibungApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 94.53% | 1 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.