Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3056)

Description

Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors.

Remediation

References

CVE-2013-3056

Related Vulnerabilities

WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.4.4)

WordPress Plugin WP eCommerce Security Bypass (3.8.14.3)

ownCloud Improper Authentication Vulnerability (CVE-2012-4392)

WordPress Plugin WHIZZ Cross-Site Request Forgery (1.1)

WordPress Plugin Responsive Category Slider Cross-Site Scripting (1.0)

Severity

Medium

Classification

CVE-2013-3056 CWE-264