CVE-2021-26028
Description
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
CWE
- (none)
Affected
- Joomla! Project / Joomla! CMS — v=3.0.0-3.9.24 [affected]
CVSS
- (none)
References
- https://developer.joomla.org/security-centre/848-20210308-core-path-traversal-within-joomla-archive-zip-class.html x_refsource_MISC, vendor-advisory
Source
cvelistV5-main/cves/2021/26xxx/CVE-2021-26028.json