Description

An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.

Remediation

References

CVE-2021-26034

Related Vulnerabilities

TCExam Other Vulnerability (CVE-2010-2153)

WordPress Plugin Booster Elite for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)

WordPress Plugin Post Recommendations for WordPress 'api.php' Remote File Include (1.1.2)

WordPress Plugin Participants Database SQL Injection (1.5.4.8)

MySQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4452)

Severity

Medium

Classification

CVE-2021-26034 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities