[20191002] - Core - Path Disclosure in phpuft8 mapping files

Status
Not open for further replies.

Demon Bot

Super Demon
Staff member
Site Administrator
Joined
Jul 12, 2019
Messages
167
Reaction score
26
Points
28
[20191002] - Core - Path Disclosure in phpuft8 mapping files

  • Project: Joomla!
  • SubProject: CMS
  • Impact: Low
  • Severity: Low
  • Versions: 3.6.0 - 3.9.12
  • Exploit type: Path Disclosure
  • Reported Date: 2019-November-01
  • Fixed Date: 2019-November-05
  • CVE Number: CVE-2019-18674
Description


Missing access check in the phputf8 mapping files could lead to an path disclosure.

Affected Installs


Joomla! CMS versions 3.6.0 - 3.9.12

Solution


Upgrade to version 3.9.13

Contact


The JSST at the Joomla! Security Centre.

Reported By: Phil Taylor



Continue reading...
 
Status
Not open for further replies.