Vulnerabilities > Joomla > Joomla > 3.7.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-10 | CVE-2017-16633 | Information Exposure vulnerability in Joomla Joomla! In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users. | 4.0 |
| 2017-09-20 | CVE-2017-14596 | LDAP Injection vulnerability in Joomla Joomla! In Joomla! before 3.8.0, inadequate escaping in the LDAP authentication plugin can result in a disclosure of a username and password. | 5.0 |
| 2017-09-20 | CVE-2017-14595 | Unspecified vulnerability in Joomla Joomla! In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state. network joomla | 4.3 |
| 2017-08-02 | CVE-2017-11364 | Improper Certificate Validation vulnerability in Joomla Joomla! The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs. | 6.5 |
| 2017-07-26 | CVE-2017-11612 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! before 3.7.4, inadequate filtering of potentially malicious HTML tags leads to XSS vulnerabilities in various components. | 4.3 |