{"api_version":"1","generated_at":"2026-07-10T08:18:31+00:00","cve":"CVE-2019-7739","urls":{"html":"https://cve.report/CVE-2019-7739","api":"https://cve.report/api/cve/CVE-2019-7739.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-7739","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-7739"},"summary":{"title":"CVE-2019-7739","description":"An issue was discovered in Joomla! before 3.9.3. The \"No Filtering\" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2019-02-12 18:29:00","updated_at":"2020-08-24 17:37:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://developer.joomla.org/security-centre/767-20190203-core-additional-warning-in-the-global-configuration-textfilter-settings","name":"https://developer.joomla.org/security-centre/767-20190203-core-additional-warning-in-the-global-configuration-textfilter-settings","refsource":"MISC","tags":["Vendor Advisory"],"title":"[20190203] - Core - Additional warning in the Global Configuration textfilter settings","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/107015","name":"107015","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Joomla! Core CVE-2019-7739 Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-7739","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7739","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"7739","vulnerable":"1","versionEndIncluding":"3.9.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"joomla","cpe5":"joomla!","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"7739","vulnerable":"1","versionEndIncluding":"3.9.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"joomla","cpe5":"joomla\\!","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2019-7739","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in Joomla! before 3.9.3. The \"No Filtering\" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://developer.joomla.org/security-centre/767-20190203-core-additional-warning-in-the-global-configuration-textfilter-settings","refsource":"MISC","url":"https://developer.joomla.org/security-centre/767-20190203-core-additional-warning-in-the-global-configuration-textfilter-settings"},{"name":"107015","refsource":"BID","url":"http://www.securityfocus.com/bid/107015"}]}},"nvd":{"publishedDate":"2019-02-12 18:29:00","lastModifiedDate":"2020-08-24 17:37:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.7},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"2.5.0","versionEndIncluding":"3.9.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"7739","Ordinal":"145571","Title":"CVE-2019-7739","CVE":"CVE-2019-7739","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"7739","Ordinal":"1","NoteData":"An issue was discovered in Joomla! before 3.9.3. The \"No Filtering\" textfilter overrides child settings in the Global Configuration. This is intended behavior. However, it might be unexpected for the user because the configuration dialog lacks an additional message to explain this.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"7739","Ordinal":"2","NoteData":"2019-02-12","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"7739","Ordinal":"3","NoteData":"2019-02-14","Type":"Other","Title":"Modified"}]}}}