Description
In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.
Remediation
References
Related Vulnerabilities
Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24598)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-7853)
Roundcube Files or Directories Accessible to External Parties Vulnerability (CVE-2017-16651)
WordPress Plugin Be POPIA Compliant Information Disclosure (1.1.5)