KB Article #182295

Joomla CVEs

Problem

Joomla! version 3.10.5 is vulnerable to the following CVEs:

  • CVE-2022-23793, score 7.5, affects Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0
  • CVE-2022-23794, score 5.3, affects Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0
  • CVE-2022-23795, score 9.8, affects Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0
  • CVE-2022-23796, score 6.1, affects Joomla! 3.7.0 through 3.10.6
  • CVE-2022-23797, score 9.8, affects Joomla! 3.0.0 through 3.10.6 & 4.0.0 through 4.1.0
  • CVE-2022-23798, score 6.1, affects Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0

-- Is API Portal affected?

Resolution

* API Portal May 22 and August 22 releases contains Joomla 4.1.5 so is not affected
* Older releases are vulnerable. Axway recommends to upgrade Joomla manually for customers who cannot yet upgrade to May 22 or newer.

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.