CVE-2017-14595

Published: Sep 20, 2017Modified: May 13, 2026

3.7

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.2 / Impact: 1.4

Source: NVD

Description

In Joomla! before 3.8.0, a logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.

Affected (6)

Products: Joomla: Joomla!

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Joomla Joomla!	Version 3.7.0
Joomla Joomla!	Version 3.7.1
Joomla Joomla!	Version 3.7.2
Joomla Joomla!	Version 3.7.3
Joomla Joomla!	Version 3.7.4
Joomla Joomla!	Version 3.7.5

References (6)

http://www.securityfocus.com/bid/100900

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039407

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://developer.joomla.org/security-centre/710-20170901-core-information-disclosure

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/100900

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039407

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://developer.joomla.org/security-centre/710-20170901-core-information-disclosure

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.