exploitDog

CVE-2022-27909

Опубликовано: 06 мая 2022

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files

Ссылки

https://hackerhood.redhotcyber.com/cve-2022-27909-jdownloads/
Third Party Advisory
https://www.jdownloads.com/index.php/downloads/download/57-jdownloads-3-9.html
Release Notes
Vendor Advisory
https://hackerhood.redhotcyber.com/cve-2022-27909-jdownloads/
Third Party Advisory
https://www.jdownloads.com/index.php/downloads/download/57-jdownloads-3-9.html
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jdownloads:jdownloads:3.9.8.2:*:*:*:*:joomla\!:*:*

EPSS

Процентиль: 38%

0.00164

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-93hf-mgcv-fqq8

CVSS3: 4.3

github

почти 4 года назад

In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files

EPSS

Процентиль: 38%

0.00164

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo