2019-04-10 18:08:53
mitre
PUBLISHED
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users.