Description

An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages.

Remediation

References

CVE-2023-23750

Related Vulnerabilities

WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58)

WordPress Plugin mywebcounter Cross-Site Scripting (1.1)

WordPress Plugin Clipboard Images Arbitrary File Upload (0.3)

WordPress Plugin ELEX WooCommerce Google Shopping (Google Product Feed) Cross-Site Scripting (1.2.3)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3608)

Severity

Medium

Classification

CVE-2023-23750 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Tags

Missing Update Known Vulnerabilities