Account Misuse Vulnerability in Harmis JE Messenger for Joomla!
CVE-2019-9920

7.7HIGH

Key Information:

Vendor: Harmistechnology
Status: Je Messenger
Vendor: CVE Published:; 29 March 2019

🔔 Create Harmistechnology Vulnerability Alert

What is CVE-2019-9920?

A security issue has been identified in the Harmis JE Messenger component version 1.2.2 for Joomla!. This vulnerability allows an attacker to execute actions within the context of another user's account, potentially leading to unauthorized access and manipulation of user data. It is crucial for users to ensure they are using updated versions of the software and to apply any available security patches to mitigate risks associated with this exploit.

References

https://extensions.joomla.org/extension/je-messenger/

x_refsource_MISC

https://github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019...

x_refsource_MISC

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

CVSS V3.0

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 29, 2019
Vulnerability Reserved
Mar 21, 2019

CVE-2019-9920 Data

JSON