CVE-2022-23794 is a vulnerability in Joomla
Published on March 30, 2022

[20220302] - Core - Path Disclosure within filesystem error messages
An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.

Vendor Advisory NVD

Products Associated with CVE-2022-23794

Want to know whenever a new CVE is published for Joomla? stack.watch will email you.

Joomla

Affected Versions

Joomla! Project Joomla! CMS:

Version 3.0.0-3.10.6 & 4.0.0-4.1.0 is affected.

Joomla! Project joomla/filesystem:

Version 1.0.0-1.6.1 & 2.0.0 is affected.

Exploit Probability

EPSS

0.01%

Percentile

0.40%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-23794 is a vulnerability in JoomlaPublished on March 30, 2022

Products Associated with CVE-2022-23794

Affected Versions

Exploit Probability

CVE-2022-23794 is a vulnerability in Joomla
Published on March 30, 2022