Session
Monthly
Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Session package 1.x before 1.3.1 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Session version 1.17.5 allows obtaining internal application files and public files from the user's device without the user's consent. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Session package 1.x before 1.3.1 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.