Description
JCE is a very popular content editor for Joomla! sites. A vulnerability has been reported in JCE 2.0 and JCE 1.5 that allows a logged-in user - who has access to JCE (i.e. they can create or edit articles) and any of the Image Manager, Image Manager Extended, File Manager, Media Manager or Template Manager plugins - to view and manipulate files and folders outside of the folder assigned to these plugins.
JCE 2.0.11 and JCE 1.5.7.14 add additional security checks to fix the vulnerability. Additional checks have also been added to some functions in the Image Manager Extended and Template Manager plugins.
Remediation
Upgrade JCE to the latest version.