PT-2019-12092 · Open Source Matters · Joomla!
Publicado
2019-04-10
·
Atualizado
2019-04-17
·
CVE-2019-10945
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Joomla! versions prior to 3.9.5
Description
An issue was discovered in the Media Manager component, which does not properly sanitize the
folder parameter. This allows attackers to act outside the media manager root directory.Recommendations
For versions prior to 3.9.5, update to version 3.9.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the Media Manager component until a patch is applied.
Exploit
Correção
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Joomla!