Description

An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.

Remediation

References

CVE-2020-10240

Related Vulnerabilities

MySQL CVE-2018-3066 Vulnerability (CVE-2018-3066)

WordPress Plugin SendPress Newsletters Cross-Site Scripting (1.20.7.10)

Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735)

Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.4.6)

MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-14634)

Severity

Medium

Classification

CVE-2020-10240 CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities