Joomla! before 3.9.13 Missing Authorization Vulnerability

Summary

Missing access check in the phputf8 mapping files could lead to a path disclosure.

Credit:

The information has been provided by Vendor

The original article can be found at:https://developer.joomla.org/security-centre/795-20191002-core-path-disclosure-in-phpuft8-mapping-files.html

 


Details

An issue was discovered in Joomla! before 3.9.13. A missing access check in the phputf8 mapping files could lead to a path disclosure.

 

Vulnerable Systems:

Joomla! before 3.9.13

 

CVE Information:

CVE-2019-18674

 

Disclosure Timeline:
Published Date:11/5/2019