Description

An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated.

Remediation

References

CVE-2018-11324

Related Vulnerabilities

Django Resource Management Errors Vulnerability (CVE-2015-0221)

WebLogic CVE-2016-0572 Vulnerability (CVE-2016-0572)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.23)

Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-0830)

Severity

Medium

Classification

CVE-2018-11324 CWE-362 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities