Description
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
Remediation
References
Related Vulnerabilities
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8164)
WordPress Plugin WP Photo Album Plus Unspecified Vulnerability (6.5.00)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1184)
MySQL CVE-2018-2565 Vulnerability (CVE-2018-2565)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)