CVE-2021-23123

Summary

An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.

Affected Software

VendorProductVersion RangeStatus
Joomla! ProjectJoomla! CMS3.0.0-3.9.23affected

Weaknesses

  • Incorrect Access Control

ADP Enrichment

CVE Program Container

Additional References

References