Description

An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype of com_fields allows access for non-superadmin users.

Remediation

References

CVE-2020-10239

Related Vulnerabilities

Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2017-0898)

SharePoint Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-8580)

Ruby Numeric Errors Vulnerability (CVE-2008-2726)

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Request Forgery (3.2.11)

WordPress Plugin YITH WooCommerce Product Add-Ons Security Bypass (1.5.21)

Severity

High

Classification

CVE-2020-10239 CWE-862 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities