CVE-2019-25762

HIGH SEVERITY

CVSS Score & Metrics

Base Score

7.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N                                    

Vulnerability Description

Joomla! Component JoomProject 1.1.3.2 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive user data by exploiting the projects endpoint. Attackers can send requests to index.php with option=com_jpprojects&view=projects&tmpl=component&format=json parameters to retrieve user IDs, names, and email addresses in JSON format.

Vulnerability Details

Published Date

June 19, 2026

Last Modified

June 19, 2026

CWE ID

CWE-359

Source

NVD

Vendor

Joomboost

Product

JoomProject

External References

http://joomboost.com/
https://extensions.joomla.org/extensions/extension/clients-a-communities/project-a-task-management/joomproject/
https://www.exploit-db.com/exploits/46121
https://www.vulncheck.com/advisories/joomla-component-joomproject-information-disclosure

CVE-2019-25762

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment