GHSA-mxr8-pcpg-m23j

Опубликовано: 01 мая 2022

Источник: github

Github: Прошло ревью

Описание

Joomla! doesn't configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs

Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2008-3228
https://exchange.xforce.ibmcloud.com/vulnerabilities/44206
https://web.archive.org/web/20080730154423/http://www.joomla.org/content/view/5180/1
http://www.joomla.org/content/view/5180/1/1/1/#htaccess
http://www.openwall.com/lists/oss-security/2008/07/12/2

Пакеты

Наименование

joomla/joomla-platform

composer

Затронутые версииВерсия исправления

< 1.5.4

1.5.4

EPSS

Процентиль: 50%

0.00272

Низкий

CVE ID

CVE-2008-3228

Связанные уязвимости

CVE-2008-3228

nvd

больше 17 лет назад

Joomla! before 1.5.4 does not configure .htaccess to apply certain security checks that "block common exploits" to SEF URLs, which has unknown impact and remote attack vectors.

EPSS

Процентиль: 50%

0.00272

Низкий

CVE ID

CVE-2008-3228