[20230501] - Core - Open Redirects and XSS within the mfa selection
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Low Severity: Low Probability: Low Versions: 4.2.0-4.3.1 Exploit type: Open Redirect / XSS Reported Date: 2023-02-28 Fixed Date: 2023-05-28 CVE Number: CVE-2023-23754 Description Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen. Affected Installs Joomla! CMS versions 4.2.0-4.3.1 Solution Upgrade to version 4.3.2 Contact The JSST at the Joomla! Security Centre.
- Zugriffe: 346