Joomla Missing Authorization Vulnerability - CVE-2021-23123
An issue was discovered in Joomla 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.
An issue was discovered in Joomla 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.