Joomla

Joomla!

140 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-27187

  • EPSS 0.01%
  • Published 20.08.2024 16:15:10
  • Last modified 04.06.2025 20:58:17

Improper Access Controls allows backend users to overwrite their username when disallowed.

6.1

CVE-2024-21731

  • EPSS 0.04%
  • Published 09.07.2024 17:15:14
  • Last modified 13.03.2025 15:15:41

Improper handling of input could lead to an XSS vector in the StringHelper::truncate method.

6.1

CVE-2024-26278

  • EPSS 0.01%
  • Published 09.07.2024 17:15:14
  • Last modified 13.03.2025 16:15:18

The Custom Fields component not correctly filter inputs, leading to a XSS vector.

7.5

CVE-2023-40626

  • EPSS 0.03%
  • Published 29.11.2023 13:15:07
  • Last modified 21.11.2024 08:19:51

The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information.

6.1

CVE-2023-23754

  • EPSS 0.02%
  • Published 30.05.2023 17:15:09
  • Last modified 09.01.2025 22:15:25

An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.

7.5

CVE-2023-23755

  • EPSS 0%
  • Published 30.05.2023 17:15:09
  • Last modified 09.01.2025 22:15:26

An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.

5.3

CVE-2023-23752

Warning
  • EPSS 94.53%
  • Published 16.02.2023 17:15:10
  • Last modified 07.02.2025 14:58:09

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.

6.1

CVE-2022-27914

  • EPSS 0.05%
  • Published 08.11.2022 19:15:11
  • Last modified 21.11.2024 06:56:27

An issue was discovered in Joomla! 4.0.0 through 4.2.4. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in com_media.

6.1

CVE-2022-27913

  • EPSS 0.05%
  • Published 25.10.2022 19:15:10
  • Last modified 21.11.2024 06:56:27

An issue was discovered in Joomla! 4.2.0 through 4.2.3. Inadequate filtering of potentially malicious user input leads to reflected XSS vulnerabilities in various components.

5.3

CVE-2022-27912

  • EPSS 0.01%
  • Published 25.10.2022 19:15:09
  • Last modified 21.11.2024 06:56:27

An issue was discovered in Joomla! 4.0.0 through 4.2.3. Sites with publicly enabled debug mode exposed data of previous requests.