• Project: Joomla!
• SubProject: CMS
• Impact: Low
• Severity: Moderate
• Versions: 3.1.0 through 3.8.7
• Exploit type: Information Disclosure
• Reported Date: 2018-April-27
• Fixed Date: 2018-May-22
• CVE Number: CVE-2018-11327

Description

Inadequate checks allowed users to see the names of tags that were either unpublished or published with restricted view permission .

Affected Installs

Joomla! CMS versions 3.1.0 through 3.8.7

Solution

Upgrade to version 3.8.8

Contact

The JSST at the Joomla! Security Centre.