Description

An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission.

Remediation

References

CVE-2018-11327

Related Vulnerabilities

PrestaShop Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2018-7491)

WordPress Plugin Redirection PHP Object Injection (2.7.3)

WordPress Plugin Woo Custom Checkout Field Multiple Vulnerabilities (1.3.2)

Chamilo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-23127)

WordPress Plugin Battle Suit for Divi Security Bypass (1.10.1)

Severity

Medium

Classification

CVE-2018-11327 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities