CVE-2015-8563

Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Published: Dec 16, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-8563
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
Joomla / joomla	3.3.3	3.3.3.x
Joomla / joomla	3.2.1	3.2.1.x
Joomla / joomla	3.3.5	3.3.5.x
Joomla / joomla	3.4.4	3.4.4.x
Joomla / joomla	3.3.4	3.3.4.x
Joomla / joomla	3.3.1	3.3.1.x
Joomla / joomla	3.2.2	3.2.2.x
Joomla / joomla	3.4.1	3.4.1.x
Joomla / joomla	3.4.5	3.4.5.x
Joomla / joomla	3.4.0	3.4.0.x
Joomla / joomla	3.3.0	3.3.0.x
Joomla / joomla	3.2.4	3.2.4.x
Joomla / joomla	3.4.3	3.4.3.x
Joomla / joomla	3.2.3	3.2.3.x
Joomla / joomla	3.2.0	3.2.0.x
Joomla / joomla	3.3.2	3.3.2.x

http://www.securityfocus.com/bid/79199
https://developer.joomla.org/security-centre/633-20151214-core-csrf-hardening.html

Vulnerability Database

CVE-2015-8563