Description
An issue was discovered in Joomla! before 3.9.7. The update server URL of com_joomlaupdate can be manipulated by non Super-Admin users.
Remediation
References
Related Vulnerabilities
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)
WordPress Plugin WP-UserOnline Cross-Site Scripting (2.88.0)
WordPress Plugin Easy2Map Multiple Vulnerabilities (1.2.9)
WebLogic CVE-2016-5531 Vulnerability (CVE-2016-5531)
WordPress Plugin CONTUS VBLOG-Video Blogging 'save.php' Arbitrary File Upload (1.0)