FAILLE DE SECURITE JOOMLA – [20180301] – Core – SQLi vulnerability User Notes

FAILLE DE SECURITE JOOMLA – [20180301] – Core – SQLi vulnerability User Notes
5 (100%) 5 votes

FAILLE DE SECURITE JOOMLA – [20180301] – Core – SQLi vulnerability User Notes

  • Project: Joomla!
  • SubProject: CMS
  • Impact: High
  • Severity: Low
  • Versions: 3.5.0 through 3.8.5
  • Exploit type: SQLi
  • Reported Date: 2018-March-08
  • Fixed Date: 2018-March-12
  • CVE Number: CVE-2018-8045

Description

The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the User Notes list view

Affected Installs

Joomla! CMS versions 3.5.0 through 3.8.5

Solution

Upgrade to version 3.8.6

Contact

The JSST at the Joomla! Security Centre.

Reported By: Entropy Moe

 

WP Facebook Auto Publish Powered By : XYZScripts.com