Description

An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated.

Remediation

References

CVE-2018-11324

Related Vulnerabilities

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-3642)

IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1476)

WordPress Plugin Directories Pro Cross-Site Scripting (1.3.45)

MySQL CVE-2015-4769 Vulnerability (CVE-2015-4769)

WordPress Plugin Advanced Database Cleaner SQL Injection (3.0.1)

Severity

Medium

Classification

CVE-2018-11324 CWE-362 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities