Description

An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page.

Remediation

References

CVE-2020-35614

Related Vulnerabilities

Zope Web Application Server Other Vulnerability (CVE-2001-1227)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3546)

WordPress Plugin Team Members Cross-Site Scripting (5.0.3)

WordPress Plugin Arigato Autoresponder and Newsletter Multiple Vulnerabilities (2.5.1.6)

Oracle Database Server CVE-2014-6453 Vulnerability (CVE-2014-6453)

Severity

Medium

Classification

CVE-2020-35614 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities