An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of modrandomimage lacked input validation, leading to a path traversal vulnerability.
{ "cpes": [ "cpe:2.3:a:joomla:joomla!:*:*:*:*:*:*:*:*" ], "severity": "High" }