[20230101] - Core - CSRF within post-installation messages
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Low Severity: Low Probability: Low Versions: 4.0.0-4.2.6 Exploit type: CSRF Reported Date: 2022-12-24 Fixed Date: 2023-01-31 CVE Number: CVE-2023-23750 Description A missing token check causes a CSRF vulnerability in the handling of post-installation messages. Affected Installs Joomla! CMS versions 4.0.0-4.2.6 Solution Upgrade to version 4.2.7 Contact The JSST at the Joomla! Security Centre. Reported By: Faizan Wani
- Zugriffe: 552