CVE-2017-14595

Опубликовано: 20 сент. 2017

Источник: nvd

CVSS3: 3.7

CVSS2: 4.3

EPSS Низкий

Описание

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.

Ссылки

http://www.securityfocus.com/bid/100900
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039407
Third Party Advisory
VDB Entry
https://developer.joomla.org/security-centre/710-20170901-core-information-disclosure
Vendor Advisory
http://www.securityfocus.com/bid/100900
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039407
Third Party Advisory
VDB Entry
https://developer.joomla.org/security-centre/710-20170901-core-information-disclosure
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:joomla:joomla\!:3.7.0:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.7.1:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.7.2:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.7.3:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.7.4:*:*:*:*:*:*:*

cpe:2.3:a:joomla:joomla\!:3.7.5:*:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00026

Низкий

3.7 Low

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-f9hg-vwwx-m297