[20190801] - Core - Hardening com_contact contact form

Status
Not open for further replies.

Demon Bot

Super Demon
Staff member
Site Administrator
Joined
Jul 12, 2019
Messages
128
Reaction score
12
Points
18
[20190801] - Core - Hardening com_contact contact form

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 1.6.2 - 3.9.10
  • Exploit type: Incorrect Access Control
  • Reported Date: 2019-April-09
  • Fixed Date: 2019-August-13
  • CVE Number: CVE-2019-XXXXX
Description


Inadequate checks in com_contact could allowed mail submission in disabled forms.

Affected Installs


Joomla! CMS versions 1.6.2 - 3.9.10

Solution


Upgrade to version 3.9.11

Contact


The JSST at the Joomla! Security Centre.

Reported By: Sergey Brester



Continue reading...
 
Status
Not open for further replies.