Description
An issue was discovered in Joomla! through 3.9.19. A missing token check in the ajax_install endpoint of com_installer causes a CSRF vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Plugin Locatoraid Store Locator Cross-Site Request Forgery (3.9.11)
Apache 2.x version older than 2.0.63
WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Remote Code Execution (2.0.14)
WordPress Plugin WP-VR-view-Add Photo Sphere, 360 video to WordPress Cross-Site Scripting (1.6)
WordPress Plugin Clean Login Cross-Site Scripting (1.12.6.3)