An issue was discovered in Joomla! before 3.9.5. The “refresh list of helpsites” endpoint of com_users lacks access checks, allowing calls from unauthenticated users.
Source: NIST
CVE-2019-10946 (joomla!)
Security in mind
An issue was discovered in Joomla! before 3.9.5. The “refresh list of helpsites” endpoint of com_users lacks access checks, allowing calls from unauthenticated users.
Source: NIST
CVE-2019-10946 (joomla!)