PT-2021-15387 · Joomla · Joomla!
Hoang Kien
·
Published
2021-03-04
·
Updated
2025-04-03
·
CVE-2021-23132
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Joomla! versions 3.0.0 through 3.9.24
Description
An issue was discovered in the com media component, which allowed paths that are not intended for image uploads.
Recommendations
For Joomla! versions 3.0.0 through 3.9.24, consider restricting access to the com media component until a fix is available. As a temporary workaround, avoid using com media for image uploads to minimize the risk of exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Joomla!