CVE-2016-9837 Information
Feb 14, 2021
cve
Description
An issue was discovered in templates/beez3/html/com_content/article/default.php in Joomla! before 3.6.5. Inadequate permissions checks in the Beez3 layout override of the com_content article view allow users to view articles that should not be publicly accessible as demonstrated by an index.php?option=com_content&view=article&id=1&template=beez3 request.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Reference
http://www.securityfocus.com/bid/94892 https://www.joomla.org/announcements/release-news/5693-joomla-3-6-5-released.html
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
7.5
Share on: