Missing _JEXEC check in Smart related articles extension 1.1 for Joomla! allows unauthorized direct requests to dialog.php

Missing _JEXEC check in Smart related articles extension 1.1 for Joomla! allows unauthorized direct requests to dialog.php

CVE-2017-7627 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The "Smart related articles" extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check).

Learn more about our Web Application Penetration Testing UK.