Description
An issue was discovered in Joomla! 2.5.0 through 3.10.6 & 4.0.0 through 4.1.0. A user row was not bound to a specific authentication mechanism which could under very special circumstances allow an account takeover.
Remediation
References
Related Vulnerabilities
Apache Tomcat Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2021-42340)
Drupal CVE-2014-9016 Vulnerability (CVE-2014-9016)
Apache Tomcat Improper Input Validation Vulnerability (CVE-2014-0095)
WordPress Plugin Accept Stripe Donation-AidWP Security Bypass (2.8)
Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2021-20184)