Description
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
Remediation
References
Related Vulnerabilities
WordPress Plugin Codestyling Localization 'name' Parameter Cross-Site Scripting (1.99.19)
WordPress Plugin EWWW Image Optimizer Remote Code Execution (2.8.3)
Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)
Nginx Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0337)
Phusion Passenger Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-10345)