An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.
References
Link | Resource |
---|---|
https://developer.joomla.org/security-centre/743-20180801-core-hardening-the-inputfilter-for-phar-stubs.html | Vendor Advisory |
http://www.securityfocus.com/bid/105166 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1041913 | Third Party Advisory |
Configurations
Information
Published : 2018-08-28 20:29
Updated : 2018-11-05 10:14
NVD link : CVE-2018-15882
Mitre link : CVE-2018-15882
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
joomla
- joomla\!