CVE-2019-17527

2019-12-1920:41:07

mitre

www.cve.org

AI Score

Confidence

High

EPSS

0.001

Percentile

49.5%

JSON

dataForDepandantField in models/custormfields.php in the JS JOBS FREE extension before 1.2.7 for Joomla! allows SQL Injection via the index.php?option=com_jsjobs&task=customfields.getfieldtitlebyfieldandfieldfo child parameter.

References

gist.github.com/blackcon/c61771eb8c9f0aeef6f6797f945efa13