Joomla! Component JoomProject 1.1.3.2 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive user data by exploiting the projects endpoint. Attackers can send requests to index.php with option=com_jpprojects&view=projects&tmpl=component&format=json parameters to retrieve user IDs, names, and email addresses in JSON format.
Metrics
Affected Vendors & Products
References
History
Mon, 22 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 21 Jun 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Joomboost
Joomboost joomproject |
|
| Vendors & Products |
Joomboost
Joomboost joomproject |
Fri, 19 Jun 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Joomla! Component JoomProject 1.1.3.2 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive user data by exploiting the projects endpoint. Attackers can send requests to index.php with option=com_jpprojects&view=projects&tmpl=component&format=json parameters to retrieve user IDs, names, and email addresses in JSON format. | |
| Title | Joomla! Component JoomProject 1.1.3.2 Information Disclosure | |
| Weaknesses | CWE-359 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published: 2026-06-19T17:48:44.945Z
Updated: 2026-06-22T14:09:04.210Z
Reserved: 2026-06-19T14:33:52.614Z
Link: CVE-2019-25762
Updated: 2026-06-22T14:08:57.434Z
No data.
No data.