Known Vulnerabilities for products from Joomla
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Joomla".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23801 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23800 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23799 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-03-30 | 2022-04-05 |
| CVE-2022-23798 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23797 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-03-30 | 2022-04-05 |
| CVE-2022-23796 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23795 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-03-30 | 2022-04-05 |
| CVE-2022-23794 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-03-30 | 2022-04-05 |
| CVE-2022-23793 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-30 | 2022-04-05 |
| CVE-2021-26040 | An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing ... | 9.1 - CRITICAL | 2021-08-24 | 2021-08-31 |
| CVE-2021-26039 | An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the imagelist view of com_media leads to a XS... | 6.1 - MEDIUM | 2021-07-07 | 2021-07-07 |
| CVE-2021-26038 | An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL chec... | 7.5 - HIGH | 2021-07-07 | 2021-07-09 |
| CVE-2021-26037 | An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a... | 5.3 - MEDIUM | 2021-07-07 | 2021-07-09 |
| CVE-2021-26036 | An issue was discovered in Joomla! 2.5.0 through 3.9.27. Missing validation of input could lead to a broken usergroups table. | 7.5 - HIGH | 2021-07-07 | 2021-07-09 |
| CVE-2021-26035 | An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate escaping in the rules field of the JForm API leads to a X... | 6.1 - MEDIUM | 2021-07-07 | 2021-07-07 |
| CVE-2021-26034 | An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download e... | 6.5 - MEDIUM | 2021-05-26 | 2021-05-28 |
| CVE-2021-26033 | An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reorde... | 6.5 - MEDIUM | 2021-05-26 | 2021-05-28 |
| CVE-2021-26032 | An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpl... | 6.1 - MEDIUM | 2021-05-26 | 2021-05-28 |
| CVE-2021-26031 | An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI. | 5.3 - MEDIUM | 2021-04-14 | 2021-04-22 |
| CVE-2021-26030 | An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of ... | 6.1 - MEDIUM | 2021-04-14 | 2021-04-22 |