Description

An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated.

Remediation

References

CVE-2018-11324

Related Vulnerabilities

Joomla Improper Input Validation Vulnerability (CVE-2018-12712)

WordPress Plugin Latest Posts by BestWebSoft Cross-Site Scripting (0.2)

WordPress Plugin Stop User Enumeration Security Bypass (1.3.18)

WordPress Plugin MasterStudy LMS-for Online Courses and Education Information Disclosure (3.2.10)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Scripting (4.0.3)

Severity

Medium

Classification

CVE-2018-11324 CWE-362 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities