Vigil@nce - Joomla Fancy Tag Cloud: read-write access
September 2016 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can bypass access restrictions of Joomla Fancy Tag
Cloud, in order to read or alter data.
Impacted products: Joomla Extensions not comprehensive.
Severity: 2/4.
Creation date: 22/07/2016.
DESCRIPTION OF THE VULNERABILITY
The Fancy Tag Cloud extension can be installed on Joomla.
However, an attacker can bypass access restrictions to data.
An attacker can therefore bypass access restrictions of Joomla
Fancy Tag Cloud, in order to read or alter data.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Joomla-Fancy-Tag-Cloud-read-write-access-20195