CVE-2018-15881

EUVD-2018-7738
An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
joomlajoomla\!
𝑥
< 3.8.12
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/105161
http://www.securitytracker.com/id/1041913
https://developer.joomla.org/security-centre/745-20180803-core-acl-violation-in-custom-fields.html
http://www.securityfocus.com/bid/105161
http://www.securitytracker.com/id/1041913
https://developer.joomla.org/security-centre/745-20180803-core-acl-violation-in-custom-fields.html