Description

An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission.

Remediation

References

CVE-2018-11327

Related Vulnerabilities

Joomla! Core 3.x.x Cross-Site Scripting (3.6.0 - 3.9.6)

WordPress Plugin Disqus Comment System Multiple Cross-Site Request Forgery Vulnerabilities (2.77)

Apache Tomcat Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1947)

Drupal Core 6.x Security Bypass (6.0 - 6.29)

MySQL CVE-2016-0643 Vulnerability (CVE-2016-0643)

Severity

Medium

Classification

CVE-2018-11327 CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities