CVE-2022-23794

State: PUBLISHED · Published: 2022-03-30 · Updated: 2026-02-25 · Assigner: Joomla

Description

An issue was discovered in Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0. Uploading a file name of an excess length causes the error. This error brings up the screen with the path of the source code of the web application.

CWE

(none)

Affected

Joomla! Project / Joomla! CMS — v=3.0.0-3.10.6 & 4.0.0-4.1.0 [affected]
Joomla! Project / joomla/filesystem — v=1.0.0-1.6.1 & 2.0.0 [affected]

CVSS

(none)

References

https://developer.joomla.org/security-centre/871-20220302-core-path-disclosure-within-filesystem-error-messages.html x_refsource_MISC, vendor-advisory

Source

cvelistV5-main/cves/2022/23xxx/CVE-2022-23794.json