Description

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users.

Remediation

References

CVE-2020-15697

Related Vulnerabilities

WordPress Plugin Contact Bank-Contact Form Builder for WordPress 'Label' Field Cross-Site Scripting (2.0.19)

Drupal Core 5.x Multiple Cross-Site Scripting Vulnerabilities (5.0 - 5.1)

WordPress Plugin Polldaddy Polls & Ratings Unspecified Vulnerability (2.0.25)

phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-2506)

WordPress Plugin WordPress Filter Gallery Security Bypass (0.0.6)

Severity

Medium

Classification

CVE-2020-15697 CWE-732 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities