Project: Joomla! SubProject: CMS Impact: Low Severity: Low Probability: Low Versions: 3.2.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2 Exploit type: Insufficient Session Expiration Reported Date: 2023-11-29 Fixed Date: 2024-02-20 CVE Number: CVE-2024-21722 Description The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified. Affected Installs Joomla! CMS versions 3.2.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2 Solution Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3 Contact The JSST at the Joomla! Security Centre. [20240201] - Core - Insufficient session expiration in MFA management views
- Details
- Joomla RSS Feed
- Kategorie: Joomla News
Project: Joomla! SubProject: CMS Impact: Low Severity: Low Probability: Low Versions: 3.2.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2 Exploit type: Insufficient Session Expiration Reported Date: 2023-11-29 Fixed Date: 2024-02-20 CVE Number: CVE-2024-21722 Description The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified. Affected Installs Joomla! CMS versions 3.2.0-3.10.14-elts, 4.0.0-4.4.2, 5.0.0-5.0.2 Solution Upgrade to version 3.10.15-elts, 4.4.3 or 5.0.3 Contact The JSST at the Joomla! Security Centre. - Zugriffe: 99