CVE-2020-35612

HIGH WAF: High

CVSS 7.5 Published: 2020-12-28

CWE-22

An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.

WAF Coverage Analysis

Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion

Affected Software

Vendor	Product	Version
joomla	joomla\!	2.5.0 - 3.9.22

References

developer.joomla.org (Vendor Advisory)

Back to CVE Database