Description In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF. Remediation References CVE-2020-13760 Related Vulnerabilities Internet Information Services Other Vulnerability (CVE-2001-1186) WordPress Plugin Appointment Booking Calendar Multiple Vulnerabilities (1.1.24) PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19595) MySQL CVE-2020-2763 Vulnerability (CVE-2020-2763) Liferay Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-11444) Severity High Classification CVE-2020-13760 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities