CVE-2020-35612

[20201103] - Core - Path traversal in mod_random_image

EPSS 1.6%

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.

Produtos afetados

Joomla! Project · Joomla! CMS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://developer.joomla.org/security-centre/830-20201103-core-path-traversal-in-mod-random-image.html