Description

Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently access unauthorised data. Joomla! Core versions 1.6.x ranging from 1.6.0 and up to and including 1.6.3 are vulnerable.

Remediation

Update to Joomla! Core version 1.6.4 or latest

References

https://developer.joomla.org/security/news/350-20110603-unauthorised-access

Related Vulnerabilities

Oracle JRE CVE-2022-21296 Vulnerability (CVE-2022-21296)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.3.4)

WordPress Plugin Pardakht Delkhah Cross-Site Scripting (2.9.2)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-11612)

WordPress Plugin N-Media Website Contact Form with File Upload Local File Inclusion (1.5)

Severity

High

Classification

CWE-264 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update Authentication Bypass