Description In Joomla! before 3.9.11, inadequate checks in com_contact could allow mail submission in disabled forms. Remediation References CVE-2019-15028 Related Vulnerabilities IBM RTC Incorrect Authorization Vulnerability (CVE-2017-1700) WordPress Insecure Default Initialization of Resource Vulnerability (CVE-2017-5491) WordPress Plugin Real3D FlipBook Multiple Vulnerabilities (2.18.8) WordPress Plugin Sticky Menu, Sticky Header (or anything!) on Scroll Cross-Site Request Forgery (2.2) Oracle Database Server CVE-2015-2586 Vulnerability (CVE-2015-2586) Severity Medium Classification CVE-2019-15028 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities