Security Advisory

CVE-2021-23123

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-12 20:19:49
Last updated 2026-02-25 05:04:57
Assigner Joomla
State PUBLISHED

Description

An issue was discovered in Joomla! 3.0.0 through 3.9.23. The lack of ACL checks in the orderPosition endpoint of com_modules leak names of unpublished and/or inaccessible modules.