CVE-2020-13762
- EPSS 0.96%
- Veröffentlicht 02.06.2020 20:15:10
- Zuletzt bearbeitet 21.11.2024 05:01:48
In Joomla! before 3.9.19, incorrect input validation of the module tag option in com_modules allows XSS.
CVE-2020-13763
- EPSS 1.23%
- Veröffentlicht 02.06.2020 20:15:10
- Zuletzt bearbeitet 21.11.2024 05:01:48
In Joomla! before 3.9.19, the default settings of the global textfilter configuration do not block HTML inputs for Guest users.
CVE-2020-11889
- EPSS 0.76%
- Veröffentlicht 21.04.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:58:50
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized deletion of usergroups.
CVE-2020-11890
- EPSS 2.76%
- Veröffentlicht 21.04.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:58:50
An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration.
CVE-2020-11891
- EPSS 0.8%
- Veröffentlicht 21.04.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:58:50
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.
CVE-2020-10238
- EPSS 5.58%
- Veröffentlicht 16.03.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:55:02
An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors.
CVE-2020-10239
- EPSS 2.66%
- Veröffentlicht 16.03.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:55:02
An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.
CVE-2020-10240
- EPSS 1.21%
- Veröffentlicht 16.03.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:55:02
An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.
CVE-2020-10241
- EPSS 0.68%
- Veröffentlicht 16.03.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:55:02
An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF.
CVE-2020-10242
- EPSS 0.96%
- Veröffentlicht 16.03.2020 16:15:13
- Zuletzt bearbeitet 21.11.2024 04:55:02
An issue was discovered in Joomla! before 3.9.16. Inadequate handling of CSS selectors in the Protostar and Beez3 JavaScript allows XSS attacks.