Description In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. Remediation References CVE-2019-15028 Related Vulnerabilities WordPress Plugin User Registration-Custom Registration Form, Login Form, and User Profile Privilege Escalation (3.2.0.1) WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2018-3245) WordPress Plugin St-Daily-Tip Cross-Site Request Forgery (4.7) Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2017-17717) Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3808) Severity Medium Classification CVE-2019-15028 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities