exploitDog

CVE-2018-17858

Опубликовано: 09 окт. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend.

Ссылки

http://www.securityfocus.com/bid/105559
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041914
Third Party Advisory
VDB Entry
https://developer.joomla.org/security-centre/755-20181005-core-csrf-hardening-in-com-installer.html
Vendor Advisory
http://www.securityfocus.com/bid/105559
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041914
Third Party Advisory
VDB Entry
https://developer.joomla.org/security-centre/755-20181005-core-csrf-hardening-in-com-installer.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

Версия от 2.5.0 (включая) до 3.8.13 (исключая)

EPSS

Процентиль: 27%

0.00094

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

GHSA-2x2c-h542-whv5

CVSS3: 8.8

github

больше 3 лет назад

An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend.

EPSS

Процентиль: 27%

0.00094

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352