Unvalidated Option Injection in Joomla! Core Custom Fields

Unvalidated Option Injection in Joomla! Core Custom Fields

CVE-2018-11321 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

An issue was discovered in com_fields in Joomla! Core before 3.8.8. Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option.

Learn more about our User Device Pen Test.