Published in Business

[20181001] - Core - Hardening com_contact contact form

by on09 October 2018
Project: Joomla! SubProject: CMS Impact: Moderate Severity: Low Versions: 2.5.0 through 3.8.12
  • Project: Joomla!
  • SubProject: CMS
  • Impact: Moderate
  • Severity: Low
  • Versions: 2.5.0 through 3.8.12
  • Exploit type: Incorrect Access Control
  • Reported Date: 2018-September-17
  • Fixed Date: 2018-October-02
  • CVE Number: CVE-2018-17859

Description

Inadequate checks in com_contact could allowed mail submission in disabled forms.

Affected Installs

Joomla! CMS versions 2.5.0 through 3.8.12

Solution

Upgrade to version 3.8.13

Contact

The JSST at the Joomla! Security Centre.

Reported By: David Jardin (JSST)
Don't miss a thing!
Stay up-to-dated with JoomlaQuickStart
Receive updates for our Joomla news