• Project: Joomla!
• SubProject: CMS
• Impact: Low
• Severity: Low
• Versions: 2.5.0 through 3.9.2
• Exploit type: XSS
• Reported Date: 2019-January-17
• Fixed Date: 2019-February-12
• CVE Number: CVE-2019-7739

Description

"No Filtering" textfilter overrides child settings in the Global Configuration. This is intended behavior but might be unexpected for the user. An additional message is now shown in the configuration dialog.

Affected Installs

Joomla! CMS versions 2.5.0 through 3.9.2

Solution

Upgrade to version 3.9.3

Contact

The JSST at the Joomla! Security Centre.