CVE-2015-5397
Joomla! 3.2.0-3.3.x and 3.4.x < 3.4.2 - Cross-Site Request Forgery
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.2 allows remote attackers to hijack the authentication of unspecified victims for requests that upload code via unknown vectors.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://developer.joomla.org/security-centre/618-20150602-core-remote-code-execution.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032796
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76495
Scores
EPSS
0.0003
EPSS Percentile
8.2%
Details
CWE
CWE-352
Status
published
Products (15)
joomla/joomla\!
3.2.0
joomla/joomla\!
3.2.1
joomla/joomla\!
3.2.2
joomla/joomla\!
3.2.3
joomla/joomla\!
3.2.4
joomla/joomla\!
3.2.5
joomla/joomla\!
3.3.0
joomla/joomla\!
3.3.1
joomla/joomla\!
3.3.2
joomla/joomla\!
3.3.3
... and 5 more
Published
Jul 14, 2015
Tracked Since
Feb 18, 2026