CVE-2022-27909

EUVD-2022-32397
In Joomla component 'jDownloads 3.9.8.2 Stable' the remote user can change some parameters in the address bar and see the names of other users' files
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
jdownloadsjdownloads
3.9.8.2
𝑥
= Vulnerable software versions
References
https://hackerhood.redhotcyber.com/cve-2022-27909-jdownloads/
https://www.jdownloads.com/index.php/downloads/download/57-jdownloads-3-9.html
https://hackerhood.redhotcyber.com/cve-2022-27909-jdownloads/
https://www.jdownloads.com/index.php/downloads/download/57-jdownloads-3-9.html