Description
In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.
Remediation
References
Related Vulnerabilities
Plone CMS Improper Access Control Vulnerability (CVE-2015-7315)
WordPress Plugin Custom Banners Cross-Site Scripting (1.2.2.2)
WordPress Plugin Tierra's Billboard Manager SQL Injection (1.14)
Drupal Core 4.7.x Denial of Service (4.7.0 - 4.7.4)
Zikula Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0535)