Description In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF. Remediation References CVE-2020-13760 Related Vulnerabilities WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.18) WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.23) Lighttpd Other Vulnerability (CVE-2006-0814) WordPress Plugin WC Duplicate Order Security Bypass (1.5) Claroline Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-3261) Severity High Classification CVE-2020-13760 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities