[20230502] - Core - Bruteforce prevention within the mfa screen
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Critical Severity: Moderate Probability: Low Versions: 4.2.0-4.3.1 Exploit type: Lack of rate limiting Reported Date: 2023-04-29 Fixed Date: 2023-05-30 CVE Number: CVE-2023-23755 Description The lack of rate limiting allows brute force attacks against MFA methods. Affected Installs Joomla! CMS versions 4.2.0-4.3.1 Solution Upgrade to version 4.3.2 Contact The JSST at the Joomla! Security Centre. Reported By: Phil Taylor
- Zugriffe: 436