CVE-2022-23799 is a vulnerability in Joomla
Published on March 30, 2022

[20220307] - Core - Variable Tampering on JInput $_REQUEST data
An issue was discovered in Joomla! 4.0.0 through 4.1.0. Under specific circumstances, JInput pollutes method-specific input bags with $_REQUEST data.

Vendor Advisory NVD

Products Associated with CVE-2022-23799

Want to know whenever a new CVE is published for Joomla? stack.watch will email you.

Joomla

Affected Versions

Joomla! Project Joomla! CMS:

Version 4.0.0-4.1.0 is affected.

Joomla! Project joomla/input:

Version 2.0.0-2.0.1 is affected.

Exploit Probability

EPSS

0.01%

Percentile

1.46%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2022-23799 is a vulnerability in JoomlaPublished on March 30, 2022

Products Associated with CVE-2022-23799

Affected Versions

Exploit Probability

CVE-2022-23799 is a vulnerability in Joomla
Published on March 30, 2022