Description

An issue was discovered in Joomla! Core before 3.8.8. A long running background process, such as remote checks for core or extension updates, could create a race condition where a session that was expected to be destroyed would be recreated.

Remediation

References

CVE-2018-11324

Related Vulnerabilities

Squid NULL Pointer Dereference Vulnerability (CVE-2018-1000027)

WordPress Plugin MicroCopy SQL Injection (1.1.0)

WordPress Plugin Passster-Password Protection Weak Encoding (3.5.5.5.1)

Drupal Core 9.1.x Directory Traversal (9.1.0 - 9.1.10)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2022-23307)

Severity

Medium

Classification

CVE-2018-11324 CWE-362 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities