Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Joomla Missing Authentication for Critical Function Vulnerability - CVE-2019-10946 - Vulnerability Database
Joomla

Joomla Missing Authentication for Critical Function Vulnerability - CVE-2019-10946

High
Reference: CVE-2019-10946
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-10946
Title: Joomla Missing Authentication for Critical Function Vulnerability
Overview:

An issue was discovered in Joomla before 3.9.5. The quotrefresh list of helpsitesquot endpoint of com_users lacks access checks allowing calls from unauthenticated users.