CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs.

**Security Announcements**

**\[20230102\] - Core - Missing ACL checks for com\_actionlogs**

*   **Project:** Joomla!
*   **SubProject:** CMS
*   **Impact:** Low
*   **Severity:** Low
*   **Probability:** Low
*   **Versions:** 4.0.0-4.2.6
*   **Exploit type:** Incorrect Access Control
*   **Reported Date:** 2023-01-01
*   **Fixed Date:** 2023-01-31
*   **CVE Number:** CVE-2023-23751

**Description**

A missing ACL check allows non super-admin users to access com\_actionlogs.

**Affected Installs**

Joomla! CMS versions 4.0.0-4.2.6

**Solution**

Upgrade to version 4.2.7

**Contact**

The JSST at the Joomla! Security Centre.

*   
*

Headline

CVE-2023-23751: Joomla! Developer Network

CVE: Latest News