Impact
The Helix3 plugin for Joomla contains a flaw in an AJAX handler that lets anyone on the network delete arbitrary files, write arbitrary JSON files, and change template parameters. This authorization weakness (CWE‑284) allows an attacker to tamper with site files, corrupt configuration, and potentially facilitate further compromise. The flaw threatens the integrity and availability of the Joomla site, though it does not directly expose sensitive data.
Affected Systems
All installations of the Helix3 extension for Joomla are affected: the description does not limit the impact to any particular release, so every version should be treated as vulnerable.
Risk and Exploitability
The vulnerability can be triggered by sending unauthenticated HTTP requests to the Helix3 AJAX endpoint with crafted task parameters. It carries a CVSS score of 7.5, indicating high severity. No authentication is required, so the attack can be carried out remotely with little effort. No EPSS score is available, but the severity of the flaw and the widespread use of Joomla suggest a high likelihood of exploitation. The vulnerability is not currently listed in the CISA KEV catalog.
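As an added illustration of the authorization weakness described in the Impact and Risk sections (example code written here, not Helix3's own handler), the following Joomla 3 style AJAX handler shows the weak pattern first and then a hardened form that requires a valid session token, an authenticated user with the relevant privilege, an allow-listed task, and a file path confined to one directory. The function names, the task names, the working directory, and the `com_templates` asset used for the privilege check are assumptions and do not come from the advisory.

```php
<?php
// Added example, not code from the Helix3 project. Joomla 3 API names
// (JFactory, JSession, JFile, JPath, JText) are real; the handler and task
// names, the working directory and the asset name are assumptions.
defined('_JEXEC') or die;

// Weak pattern: the request parameters drive a file operation with no
// authorization, no CSRF token and no path restriction. This is the
// shape of flaw the advisory describes (CWE-284).
function weakAjaxHandler()
{
    $input = JFactory::getApplication()->input;
    $file  = $input->getString('file');      // fully attacker-controlled
    unlink(JPATH_ROOT . '/' . $file);        // deletes whatever was named
}

// Hardened pattern: every request must pass four gates before any
// file is touched.
function hardenedAjaxHandler()
{
    $input = JFactory::getApplication()->input;

    // Gate 1: the request must carry a valid session (anti-CSRF) token.
    if (!JSession::checkToken('post')) {
        throw new RuntimeException(JText::_('JINVALID_TOKEN'), 403);
    }

    // Gate 2: the caller must be logged in and allowed to manage templates.
    // 'com_templates' is an assumed asset; use the component's real asset.
    $user = JFactory::getUser();
    if ($user->guest || !$user->authorise('core.manage', 'com_templates')) {
        throw new RuntimeException(JText::_('JERROR_ALERTNOAUTHOR'), 403);
    }

    // Gate 3: only known tasks are dispatched (task names are assumptions).
    $task = $input->getCmd('task');
    $allowedTasks = array('deleteFile', 'saveJson');
    if (!in_array($task, $allowedTasks, true)) {
        throw new RuntimeException('Unknown task', 400);
    }

    // Gate 4: file operations are confined to one working directory
    // (assumed path) and traversal is rejected before the path is used.
    $base = JPath::clean(JPATH_ROOT . '/templates/example_template/work');
    $name = JFile::makeSafe($input->getString('file'));   // strips unsafe chars
    if ($name === '' || $name === '.' || $name === '..') {
        throw new RuntimeException('Invalid file name', 400);
    }
    $path = JPath::clean($base . '/' . $name);
    if (strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('Path outside working directory', 400);
    }
    JPath::check($path);   // throws if the path escapes JPATH_ROOT

    if ($task === 'deleteFile') {
        if (JFile::exists($path)) {
            JFile::delete($path);
        }
        return;
    }

    // saveJson: only well-formed JSON is written, re-encoded so that the
    // stored bytes are exactly what json_encode produced, and only into
    // a file with a .json extension inside the working directory.
    if (JFile::getExt($path) !== 'json') {
        throw new RuntimeException('Only .json files may be written', 400);
    }
    $decoded = json_decode($input->getRaw('data'), true);
    if (!is_array($decoded)) {
        throw new RuntimeException('Body is not valid JSON', 400);
    }
    JFile::write($path, json_encode($decoded));
}
```

The order of the gates matters for defenders reviewing similar handlers: the token and privilege checks run before any request parameter is interpreted, so an unauthenticated request is rejected without ever reaching the path or JSON logic, and a log of 403 responses on the AJAX endpoint becomes a usable signal for probing attempts.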
OpenCVE Enrichment