Joomla! before 3.9.14 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) Vulnerability

Summary

Missing access check in framework files could lead to a path disclosure.

Credit:

The information has been provided by Vendor

The original article can be found at:https://developer.joomla.org/security-centre/796-20191201-core-path-disclosure-in-logger-class


Details

In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure.

 

Vulnerable Systems:

Joomla! before 3.9.14

 

CVE Information:

CVE-2019-19845

 

Disclosure Timeline:
Published Date:12/17/2019

Categories: News