Description

Joomla! CMS 2.5.x before 2.5.19 and 3.x before 3.2.3 allows remote attackers to authenticate and bypass intended restrictions via vectors involving GMail authentication.

Remediation

References

CVE-2014-7984

Related Vulnerabilities

e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)

Collabtive Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4269)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3531)

Oracle JRE Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-1493)

WordPress Plugin Cartogiraffe Map Cross-Site Scripting (1.0)

Severity

High

Classification

CVE-2014-7984 CWE-264

Tags

Missing Update Known Vulnerabilities