CVE-2015-5397 โ€” Cross-Site Request Forgery in Joomla !

CWE-352 โ€” Cross-Site Request Forgery3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.0%
top 92.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Joomla !
Timeline
PublishedJul 14
Latest updateMay 17

Description

Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload code via unknown vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

โ–ถNVDjoomla/joomla_!15 versions+14

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-5vxq-6wph-49pf: Cross-site request forgery (CSRF) vulnerability in Joomla! 3โ†—2022-05-17
โ–ถ
CVEList
CVE-2015-5397: Cross-site request forgery (CSRF) vulnerability in Joomla! 3โ†—2015-07-14
โ–ถ
CVE-2015-5397 โ€” Cross-Site Request Forgery in Joomla ! | cvebase