Description

Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors.

Remediation

References

CVE-2013-3056

Related Vulnerabilities

Drupal Core 8.3.0 Security Bypass (8.3.0)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-2581)

phpMyFAQ Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6048)

MySQL CVE-2021-35596 Vulnerability (CVE-2021-35596)

WordPress Plugin WordPress Framework Possible Backdoor (1.0)

Severity

Medium

Classification

CVE-2013-3056 CWE-264

Tags

Missing Update Known Vulnerabilities