Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Joomla! Core improper access check in webservice endpoints - Vulnerability Database

Joomla! Core improper access check in webservice endpoints

Description

Certain Joomla! Core 4.x versions are vulnerable to an authentication bypass vulnerability that allows unauthenticated users to access sensitive information about Joomla! Installation. It affects Joomla versions 4.0.0 to 4.2.7, the patch was released in version 4.2.8.

Remediation

Upgrade to Joomla! version 4.2.8.

References

Core - Improper access check in webservice endpoints
CVE-2023-23752: Joomla Authentication Bypass Vulnerability

Related Vulnerabilities

MediaWiki multiple remote vulnerabilities High
Common tags: Information Disclosure Authentication Bypass
Apache Tomcat version older than 6.0.35 High
Common tags: Information Disclosure Authentication Bypass
Microsoft IIS5 NTLM and Basic authentication bypass High
Common tags: Information Disclosure Authentication Bypass
Apache Tomcat version older than 7.0.21 High
Common tags: Information Disclosure Authentication Bypass
WordPress Plugin Stop User Enumeration Security Bypass (1.3.18) High
Common tags: Information Disclosure Authentication Bypass

Severity

Medium

Classification

CVE-2023-23752
CWE-200
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure
Authentication Bypass