Loading market data...
← Back to CVE feed

CVE-2019-25762

HIGH CVSS 7.5 View on NVD ↗

Description

Joomla! Component JoomProject 1.1.3.2 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive user data by exploiting the projects endpoint. Attackers can send requests to index.php with option=com_jpprojects&view=projects&tmpl=component&format=json parameters to retrieve user IDs, names, and email addresses in JSON format.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Published: Jun 19, 2026 18:16 UTC Modified: Jun 19, 2026 18:16 UTC