VDB
WID-SEC-W-2024-0430
WID-SEC-W-2024-0430
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Joomla ist ein freies Content-Management-System, basierend auf der Scriptsprache PHP und einer SQL-Datenbank. Über zahlreiche Extensions kann der Funktionsumfang der Core-Installation individuell erweitert werden.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source Joomla < 3.10.15-elts | ||
| Open Source Joomla < 5.0.3 | ||
| Open Source Joomla < 4.4.3 |
Exploit Intelligence
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0430.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0430 (circl)
- https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html (circl)
- https://developer.joomla.org/security-centre/926-20240202-core-open-redirect-in-installation-application.html (circl)
- https://developer.joomla.org/security-centre/927-20240203-core-xss-in-media-selection-fields.html (circl)
- https://developer.joomla.org/security-centre/928-20240204-core-xss-in-mail-address-outputs.html (circl)
- https://developer.joomla.org/security-centre/929-20240205-core-inadequate-content-filtering-within-the-filter-code.html (circl)
Timeline
- Feb 20, 2024 CVE Published
- Feb 25, 2024 CVE Updated
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0430.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0430 advisory
- https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html url
- https://developer.joomla.org/security-centre/926-20240202-core-open-redirect-in-installation-application.html url
- https://developer.joomla.org/security-centre/927-20240203-core-xss-in-media-selection-fields.html url
- https://developer.joomla.org/security-centre/928-20240204-core-xss-in-mail-address-outputs.html url
- https://developer.joomla.org/security-centre/929-20240205-core-inadequate-content-filtering-within-the-filter-code.html url