• Project: Joomla!
  • SubProject: CMS
  • Impact: Critical
  • Severity: Low
  • Probability: Low
  • Versions: 4.0.0-4.2.3
  • Exploit type: Information Disclosure
  • Reported Date: 2022-10-13
  • Fixed Date: 2022-10-25
  • CVE Number: CVE-2022-27912

Description

Joomla 4 sites with publicly enabled debug mode exposed data of previous requests.

Affected Installs

Joomla! CMS versions 4.0.0-4.2.3

Solution

Upgrade to version 4.2.4

Contact

The JSST at the Joomla! Security Centre.

Reported By: Peter Martin