The following metadata has been embedded in the body. Website Malware Removal Service – [20170901] - Core - Information Disclosure

[20170901] – Core – Information Disclosure

Posted by MalRemServ on 19 09 2017. 0 Comments

  • Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 3.7.0 through 3.7.5
  • Exploit type: Information Disclosure
  • Reported Date: 2017-August-4
  • Fixed Date: 2017-September-19
  • CVE Number: CVE-2017-14595

Description

A logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.

Affected Installs

Joomla! CMS versions 3.7.0 through 3.7.5

Solution

Upgrade to version 3.8.0

Contact

The JSST at the Joomla! Security Centre.

Reported By: Michal Prochaczek



This information provided by Security Announcements. For more information or details on this exploit or vulnerability, please visit Link.

If you have this installed, we highly recommend you update to the latest version immediately, or if you are no longer using it, remove it from your site. If your site has been compromised due to this vulnerability, we can help.

If you aren’t technical and you need immediate assistance, we can reduce the impact and prevent further damage quickly – Now is your chance, we can have the typical site cleaned and secured in just a few hours. Check out our Pricing page for details on our professional, reliable malware removal services.