Description

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Inadequate filtering on the selected Ids on an request could resulted into an possible SQL injection.

Remediation

References

CVE-2022-23797

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9852)

WordPress Plugin Content Blocks (Custom Post Widget) Cross-Site Scripting (3.0)

WordPress Plugin WordPress Download Manager Cross-Site Scripting (2.9.86)

WordPress Plugin Manage Calameo Publications by Athlon Cross-Site Scripting (1.1.0)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2242)

Severity

Critical

Classification

CVE-2022-23797 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities