CVE-2023-39974

Опубликовано: 17 авг. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list.

Ссылки

https://extensions.joomla.org/extension/acymailing-starter/
Product
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/
Release Notes
Vendor Advisory
https://extensions.joomla.org/extension/acymailing-starter/
Product
https://www.acymailing.com/acymailing-release-security-%F0%9F%94%90-news-updates/
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:acymailing:acymailing:*:*:*:*:enterprise:joomla\!:*:*

Версия от 6.7.0 (включая) до 8.7.0 (исключая)

EPSS

Процентиль: 37%

0.00162

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-200

CWE-668

Связанные уязвимости

GHSA-689r-whjg-rx75