CVE-2011-2889Sensitive Information Exposure in Joomla !

CWE-200Sensitive Information Exposure2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.0%
top 99.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Joomla !
Timeline
PublishedJul 27
Latest updateMay 17

Description

templates/system/error.php in Joomla! before 1.5.23 might allow remote attackers to obtain sensitive information via unspecified vectors that trigger an undefined value of a certain error field, leading to disclosure of the installation path. NOTE: this might overlap CVE-2011-2488.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDjoomla/joomla_!1.5.22+22

Patches

Patch: www.joomla.orgPatch: www.joomla.org

🔴Vulnerability Details

1
GHSA
GHSA-7gr4-5g4h-q48g: templates/system/error2022-05-17