CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

An issue was discovered in Joomla! 4.2.0. Multiple Full Path Disclosures because of missing '_JEXEC or die check' caused by the PSR12 changes.

*   **Project:** Joomla!
*   **SubProject:** CMS
*   **Impact:** Low
*   **Severity:** Low
*   **Probability:** Low
*   **Versions:** 4.2.0
*   **Exploit type:** Path Disclosure
*   **Reported Date:** 2022-08-27
*   **Fixed Date:** 2022-08-30
*   **CVE Number:** CVE-2022-27911

**Description**

Multiple Full Path Disclosures because of missing '\_JEXEC or die check' caused by the PSR12 changes done in 4.2.0. According to PROD2020/023 and in coordination with the JSST this has been patched in the public tracker vis #38615

**Affected Installs**

Joomla! CMS versions 4.2.0

**Solution**

Upgrade to version 4.2.1

**Contact**

The JSST at the Joomla! Security Centre.

**Reported By:** SharkyKZ

Headline

CVE-2022-27911: Joomla! Developer Network

CVE: Latest News