Description In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method. Remediation References CVE-2017-16634 Related Vulnerabilities Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4) Drupal Core 4.6.x Form Action Attribute Injection (4.6.0 - 4.6.9) WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Multiple Cross-Site Scripting Vulnerabilities (1.30) Envoy Proxy CVE-2019-18802 Vulnerability (CVE-2019-18802) Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37247) Severity Critical Classification CVE-2017-16634 CWE-287 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities