CVE-2017-7989
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-7989
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7989.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-7989
- Published
- 2017-04-25T18:59:00.463Z
- Modified
- 2025-11-20T10:24:40.608209Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
In Joomla! 3.2.0 through 3.6.5 (fixed in 3.7.0), inadequate MIME type checks allowed low-privilege users to upload swf files even if they were explicitly forbidden.
- References
Affected packages
Git / github.com/joomla/joomla-cms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/joomla/joomla-cms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected