Vulnerabilities > Joomla > Joomla > 3.9.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-18 | CVE-2019-19845 | Path Traversal vulnerability in Joomla Joomla! In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. | 5.0 |
| 2019-11-06 | CVE-2019-18674 | Missing Authorization vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.13. | 5.0 |
| 2019-11-06 | CVE-2019-18650 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.13. | 6.8 |
| 2019-09-24 | CVE-2019-16725 | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks using the logo parameter of the default templates. | 4.3 |
| 2019-08-14 | CVE-2019-15028 | Unspecified vulnerability in Joomla Joomla! In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. | 5.0 |
| 2019-06-11 | CVE-2019-12766 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.7. | 6.1 |
| 2019-06-11 | CVE-2019-12765 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.7. | 9.8 |
| 2019-06-11 | CVE-2019-12764 | Unspecified vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.7. | 6.5 |
| 2019-05-20 | CVE-2019-11809 | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.9.6. | 4.3 |
| 2019-04-20 | CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. | 6.1 |