CVE-2018-17856

Published: 2018-10-09T21:29Z

Last Modified: 2024-11-21T03:55Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt