Wiz
Vulnerability DatabaseCVE-2022-27912

CVE-2022-27912
Joomla vulnerability analysis and mitigation

Overview

A critical information disclosure vulnerability was discovered in Joomla! versions 4.0.0 through 4.2.3, identified as CVE-2022-27912. The vulnerability allowed sites with publicly enabled debug mode to expose data from previous requests. The issue was reported on October 13, 2022, and was fixed on October 25, 2022, with the release of Joomla! version 4.2.4 (Joomla Security).

Technical details

The vulnerability was classified with a critical impact but low severity and probability. The exploit type was identified as Information Disclosure, affecting the core functionality of Joomla! CMS. The issue specifically manifested when debug mode was publicly enabled, allowing unauthorized access to previous request data (Joomla Security).

Impact

When exploited, the vulnerability could lead to the exposure of sensitive information from previous requests made to the Joomla! site. This information disclosure could potentially reveal critical system data to unauthorized users when debug mode was enabled (Joomla Security).

Mitigation and workarounds

The vulnerability was addressed in Joomla! version 4.2.4. The recommended solution is to upgrade to this version or later. Until the upgrade can be performed, administrators should ensure that debug mode is not publicly enabled on their Joomla! installations (Joomla Security).

Additional resources

SourceThis report was generated using AI

Related Joomla vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-25227HIGH7.5
  • PHPPHP
  • cpe:2.3:a:joomla:joomla\!
NoYesApr 08, 2025
CVE-2025-63083MEDIUM5.9
  • JoomlaJoomla
  • cpe:2.3:a:joomla:joomla\!
NoNoJan 06, 2026
CVE-2025-63082MEDIUM5.9
  • JoomlaJoomla
  • cpe:2.3:a:joomla:joomla\!
NoNoJan 06, 2026
CVE-2025-54477MEDIUM5.3
  • JoomlaJoomla
  • cpe:2.3:a:joomla:joomla\!
NoNoSep 30, 2025
CVE-2025-54476MEDIUM4.8
  • PHPPHP
  • joomla/filter
NoYesSep 30, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo