CVE-2015-7859
Joomla! 3.2-3.4.4 - Unauthorized Sensitive Information Exposure via com_contenthistory Component
Title source: llmDescription
The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033950
Various Sources x_refsource_confirm
http://developer.joomla.org/security-centre/629-20151002-core-acl-violations.html
Scores
EPSS
0.0016
EPSS Percentile
37.1%
Details
CWE
CWE-200
Status
published
Products (15)
joomla/joomla\!
3.2.0
joomla/joomla\!
3.2.1
joomla/joomla\!
3.2.2
joomla/joomla\!
3.2.3
joomla/joomla\!
3.2.4
joomla/joomla\!
3.3.0
joomla/joomla\!
3.3.1
joomla/joomla\!
3.3.2
joomla/joomla\!
3.3.3
joomla/joomla\!
3.3.4
... and 5 more
Published
Oct 29, 2015
Tracked Since
Feb 18, 2026