CVE-2025-27445

{"id": "CVE-2025-27445", "cveTags": [], "metrics": {}, "published": "2025-06-05T14:15:31.413", "references": [{"url": "https://rsjoomla.com/", "source": "security@joomla.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "security@joomla.org", "description": [{"lang": "en", "value": "CWE-35"}]}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters, allowing attackers to exploit directory traversal sequences (e.g., ../) to access sensitive files"}], "lastModified": "2025-06-05T20:12:23.777", "sourceIdentifier": "security@joomla.org"}