Description

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager.

Remediation

References

CVE-2021-23131

Related Vulnerabilities

Jenkins Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-3664)

SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1576)

WordPress Plugin Category Specific RSS feed Subscription Cross-Site Request Forgery (2.0)

WordPress Plugin Wordfence Security-Firewall & Malware Scan Cross-Site Scripting (5.2.2)

IBM RTC Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-4946)

Severity

High

Classification

CVE-2021-23131 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities