Vigil@nce - Joomla Watchful Client: information disclosure
August 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can make Joomla Watchful Client call code stored
outside of the product installation tree, in order to obtain
sensitive information.
Impacted products: Joomla! Core
Severity: 2/4
Creation date: 08/08/2014
DESCRIPTION OF THE VULNERABILITY
The Watchful Client extension can be installed on Joomla.
An attacker can make Joomla Watchful Client call code stored
outside of the product installation tree, in order to obtain
sensitive information.
A detailed analysis was not performed for this bulletin.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Joomla-Watchful-Client-information-disclosure-15143