Description
An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible, as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request.
Remediation
References
Related Vulnerabilities
MySQL CVE-2017-3650 Vulnerability (CVE-2017-3650)
WordPress Plugin WP e-Commerce Predictive Search Cross-Site Scripting (1.1.1)
Drupal CVE-2017-6925 Vulnerability (CVE-2017-6925)
WordPress Plugin Crafty Social Buttons Cross-Site Scripting (1.5.6)
WordPress Plugin Passster-Password Protection Security Bypass (3.5.5.8)