Developer Network™ - Project: Joomla!
- SubProject: CMS
- Severity: Moderate
- Versions: 3.2.0 through 3.4.4
- Exploit type: ACL Violation
- Reported Date: 2015-October-15
- Fixed Date: 2015-October-22
- CVE Number: CVE-2015-7859
Description
Inadequate ACL checks in com_contenthistory provide potential read access to data which should be access restricted.
Affected Installs
Joomla! CMS versions 3.2.0 through 3.4.4
Solution
Upgrade to version 3.4.5
Contact
The JSST at the Joomla! Security Centre.
Reported By: JSST