Description

An issue was discovered in Joomla! before 3.9.3. The "No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this.

Remediation

References

CVE-2019-7739

Related Vulnerabilities

Drupal Incorrect Authorization Vulnerability (CVE-2020-13676)

WordPress Plugin Job Manager Cross-Site Scripting (0.7.22)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-28378)

jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31160)

Jetty Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-5047)

Severity

Medium

Classification

CVE-2019-7739 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities