Description

An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.

Remediation

References

CVE-2020-10239

Related Vulnerabilities

MyBB Improper Privilege Management Vulnerability (CVE-2018-1000503)

WordPress Plugin Watu Quiz Cross-Site Scripting (3.3.8.2)

WordPress Plugin Kama Click Counter SQL Injection (3.4.9)

Apache httpd remote denial of service

WebLogic CVE-2019-2646 Vulnerability (CVE-2019-2646)

Severity

High

Classification

CVE-2020-10239 CWE-862 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities