CVE-2022-23795 is a vulnerability in Joomla
Published on March 30, 2022

[20220303] - Core - User row are not bound to a authentication mechanism
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.

Vendor Advisory NVD

Products Associated with CVE-2022-23795

Want to know whenever a new CVE is published for Joomla? stack.watch will email you.

Joomla

Affected Versions

Joomla! Project Joomla! CMS Version 2.5.0-3.10.6 & 4.0.0-4.1.0 is affected by CVE-2022-23795

Exploit Probability

EPSS

0.01%

Percentile

0.80%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-23795 is a vulnerability in JoomlaPublished on March 30, 2022

Products Associated with CVE-2022-23795

Affected Versions

Exploit Probability

CVE-2022-23795 is a vulnerability in Joomla
Published on March 30, 2022