CVE-2022-27909

In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
JoomlaCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
VendorProductVersion
jdownloadsjdownloads
3.9.8.2
𝑥
= Vulnerable software versions
References
https://hackerhood.redhotcyber.com/cve-2022-27909-jdownloads/
https://www.jdownloads.com/index.php/downloads/download/57-jdownloads-3-9.html
https://hackerhood.redhotcyber.com/cve-2022-27909-jdownloads/
https://www.jdownloads.com/index.php/downloads/download/57-jdownloads-3-9.html