Joomla : Security Vulnerabilities, CVEs, Published In 2017 (Information Leak)
In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users.
Max CVSS
4.3
EPSS Score
0.18%
Published
2017-11-10
Updated
2017-11-28
Improper cache invalidation in Joomla! CMS 1.7.3 through 3.7.2 leads to disclosure of form contents.
Max CVSS
7.5
EPSS Score
0.33%
Published
2017-07-17
Updated
2017-07-20
In Joomla! 3.4.0 through 3.6.5 (fixed in 3.7.0), multiple files caused full path disclosures on systems with enabled error reporting.
Max CVSS
5.3
EPSS Score
0.14%
Published
2017-04-25
Updated
2017-05-03
In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using the JMail API leaked the used PHPMailer version in the mail headers.
Max CVSS
5.3
EPSS Score
0.14%
Published
2017-04-25
Updated
2017-05-03
4 vulnerabilities found