PT-2024-29023 · Joomla · Convert Forms
Published
2024-12-04
·
Updated
2024-12-09
·
CVE-2024-40744
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Convert Forms component for Joomla versions prior to 4.4.8
Description
The issue is related to an unrestricted file upload via a security bypass in the Convert Forms component for Joomla. This allows for potential malicious file uploads without proper restrictions.
Recommendations
For versions prior to 4.4.8, update to version 4.4.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the file upload functionality in the Convert Forms component until the update can be applied.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Convert Forms