Description
Joomla! Core is prone to an open redirect vulnerability because the application fails to properly validate user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. Joomla! Core versions 3.x.x ranging from 3.0.0 and up to and including 3.9.20 are vulnerable.
Remediation
Update to Joomla! Core version 3.9.21 or latest
References
Related Vulnerabilities
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36156)
WordPress Plugin WP Academic People List Cross-Site Scripting (0.4.1)
Jboss EAP Credentials Management Errors Vulnerability (CVE-2012-0034)
Apache HTTP Server Numeric Errors Vulnerability (CVE-2011-3607)
WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.4.1)