Description
An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request.
Remediation
References
Related Vulnerabilities
Magento Improper Authorization Vulnerability (CVE-2020-24405)
OpenSSL Uncontrolled Resource Consumption Vulnerability (CVE-2016-8610)
WordPress Plugin Custom Content Type Manager 'upload_form.php' Arbitrary File Upload (0.9.5.13)
WordPress Plugin stm-megamenu Local File Inclusion (2.3.12)
WordPress Plugin Booster for WooCommerce Multiple Cross-Site Scripting Vulnerabilities (5.4.8)