CVE-2024-27185

Summary

The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.

Affected Software

VendorProductVersion RangeStatus
Joomla! ProjectJoomla! CMS3.0.0-3.10.16affected
Joomla! ProjectJoomla! CMS4.0.0-4.4.6affected
Joomla! ProjectJoomla! CMS5.0.0-5.1.2affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References