Description
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.
Remediation
References
Related Vulnerabilities
WordPress Plugin Post Thumbnail Editor Multiple Cross-Site Request Forgery Vulnerabilities (2.4.1)
Apache Tomcat Resource Management Errors Vulnerability (CVE-2014-0230)
WordPress Plugin BookX Local File Inclusion (1.7)
WordPress Plugin RSVPMaker Cross-Site Scripting (2.5.4)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9033)