Description

An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.

Remediation

References

CVE-2021-26033

Related Vulnerabilities

WordPress Plugin OptionTree PHP Object Injection (2.7.2)

Oracle Database Server CVE-2007-5505 Vulnerability (CVE-2007-5505)

YUI Library Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-4207)

WordPress Plugin Twitter LiveBlog Cross-Site Request Forgery (1.1.2)

WordPress Other Vulnerability (CVE-2006-6017)

Severity

Medium

Classification

CVE-2021-26033 CWE-352

Tags

Missing Update Known Vulnerabilities