Description
Joomla! Core is prone to a race condition, where a session which was expected to be destroyed would be recreated. Attackers can exploit this issue to perform unauthorized actions. Joomla! Core versions 3.x.x ranging from 3.0.0 and up to and including 3.8.7 are vulnerable.
Remediation
Update to Joomla! Core version 3.8.8 or latest
References
Related Vulnerabilities
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.67)
WordPress Plugin Async JavaScript Cross-Site Scripting (2.20.12.09)
WordPress Plugin WP Reroute Email SQL Injection (1.4.6)
WordPress Plugin Conditional Marketing Mailer for WooCommerce Cross-Site Request Forgery (1.5.2)