来源:Joomla官网
发布日期:2020-11-07
阅读次数:423
评论:0
更新标题
[20201107] - Core - Write ACL violation in multiple core views
更新详情
[20201107] - Core - Write ACL violation in multiple core views
Project: Joomla!
SubProject: CMS
Impact: High
Severity: Low
Versions:1.7.0 - 3.9.22
Exploit type: ACL Violation
Reported Date: 2018-11-04
Fixed Date: 2020-11-24
CVE Number: CVE-2020-xxx (TBA)
Description
Lack of input validation while handling ACL rulesets can cause write ACL violations.
Affected Installs
Joomla! CMS versions 1.7.0 - 3.9.22
Solution
Upgrade to version 3.9.23
Contact
The JSST at the Joomla! Security Centre.
Reported By: Elisa Foltyn, Benjamin Trenkle
评论