Description
An issue was discovered in Joomla! before 3.8.13. com_installer actions do not have sufficient CSRF hardening in the backend.
Remediation
References
Related Vulnerabilities
WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2)
WordPress Plugin AddSearch Cross-Site Scripting (1.1.0)
WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.32)
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9403)
PHP Improper Certificate Validation Vulnerability (CVE-2015-3152)