Description

The com_content component in Joomla! 3.x before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors.

Remediation

References

CVE-2015-7899

Related Vulnerabilities

WordPress Plugin WP Activity Log Cross-Site Request Forgery (4.1.3.2)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-3943)

WordPress Plugin Gutenberg Blocks by WordPress Download Manager Cross-Site Scripting (2.1.8)

WordPress Plugin Membership 2 Unspecified Vulnerability (4.0.0.2)

Atlassian Confluence Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8399)

Severity

Medium

Classification

CVE-2015-7899 CWE-284

Tags

Missing Update Known Vulnerabilities