Vulnerability in ACM template files

Forums    Joomla Templates Club    JA Healthcare    Vulnerability in ACM template files

Tagged: 

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • jurgeng Friend
    June 13, 2016 at 8:32 am #939998

    Dear Joomlart,

    when looking into the ACM template files, I noticed a slight exposure vulnerability.
    The files are not starting with the classical safety line:

    defined('_JEXEC') or die;

    When trying to launch the code, it doesn’t expose very much information, but I still consider it a mild security risk.

    1 user says Thank You to jurgeng for this useful post

    1. Saguaros
    Saguaros Moderator
    June 14, 2016 at 4:14 am #940301

    Hi @jurgeng,

    Thank you very much for your report. Some types in ACM module missed this line of code, the team will update it.

    jurgeng Friend
    June 14, 2016 at 4:27 am #940307

    You’re welcome. I know the value of good feedback. That’s why I make the effort of telling. 🙂
    (I’m not whining, I fixed if on my own site). Feel free to close this support ticket if the bug is in your tracking system.

    Saguaros Moderator
    June 14, 2016 at 4:31 am #940308

    Yes, it’s lined up in the backlog and will be updated pretty soon.

    Thank you again!!!

  • Author
    Posts
Viewing 4 posts - 1 through 4 (of 4 total)

This topic contains 3 replies, has 2 voices, and was last updated by  Saguaros 8 years, 5 months ago.

We moved to new unified forum. Please post all new support queries in our New Forum

Important Notice :

New Unified Portal is live

Must Read

Jump to forum

Categories