Description

In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.

Remediation

References

CVE-2020-13760

Related Vulnerabilities

Ruby Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-1004)

WordPress Plugin Live Chat with Facebook Messenger Cross-Site Scripting (1.4.4)

WordPress Plugin oQey Gallery 'gal_id' Parameter SQL Injection (0.4.8)

Oracle Application Server CVE-2008-7236 Vulnerability (CVE-2008-7236)

Moodle Other Vulnerability (CVE-2006-6625)

Severity

High

Classification

CVE-2020-13760 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities