Joomla! com_contact Contact Form Unauthorized Access Vulnerability

By GIXnews

A vulnerability in the com_contact contact form feature of Joomla! could allow an authenticated, remote attacker to perform unauthorized actions on a targeted system.

The vulnerability is due to insufficient security checks in the com_contact contact form feature of the affected software. An attacker could exploit this vulnerability to submit mail using disabled forms on a targeted system. A successful exploit could be used to conduct further attacks.

Joomla! has confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2018-17859

Source: Cisco Multivendor Vulnerability Alerts