vulnerability
Joomla!: [20210308] - Core - Path Traversal within joomla/archive zip class (CVE-2021-26028)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Mar 3, 2021 | Mar 3, 2021 | Aug 11, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Mar 3, 2021
Added
Mar 3, 2021
Modified
Aug 11, 2025
Description
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an specifilcy crafted zip package could write files outside of the intended path.
Solution
joomla-upgrade-3_9_25
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.