Description

An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.

Remediation

References

CVE-2021-26037

Related Vulnerabilities

MySQL CVE-2012-1735 Vulnerability (CVE-2012-1735)

Drupal Incorrect Authorization Vulnerability (CVE-2020-13676)

WordPress Plugin Modern Events Calendar Lite Cross-Site Scripting (5.22.2)

WordPress Plugin WordPress Calls to Action Cross-Site Scripting (2.2.7)

WordPress Plugin Like Button Rating-LikeBtn Server-Side Request Forgery (2.6.31)

Severity

Medium

Classification

CVE-2021-26037 CWE-613 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities