https://joaobonin.com/tags/cve-2023-23752/ Recent content in Cve-2023-23752 on João Vítor Moutinho Bonin Hugo en Sat, 16 May 2026 00:00:00 -0300 https://joaobonin.com/posts/htb-devvortex/ Sat, 16 May 2026 00:00:00 -0300 https://joaobonin.com/posts/htb-devvortex/ Write-up for HackTheBox Devvortex - subdomain discovery leading to a Joomla 4.2.6 instance vulnerable to CVE-2023-23752, leaking credentials through the public API, gaining RCE via template editing, and escaping to root through an apport-cli GTFOBins pager trick.