CVE-2019-9921

EUVD-2019-19276
An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
7.7 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:C/UI:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
harmistechnologyje_messenger
1.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://extensions.joomla.org/extension/je-messenger/
https://github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019-9921.md
https://extensions.joomla.org/extension/je-messenger/
https://github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019-9921.md