Web application abuses : Joomla! 3.2.0 - 3.9.15 CSRF Vulnerability

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.143605

Category: Web application abuses

Title: Joomla! 3.2.0 - 3.9.15 CSRF Vulnerability

Summary: Joomla! is prone to a cross-site request forgery (CSRF); vulnerability.

Description: Summary:
Joomla! is prone to a cross-site request forgery (CSRF)
vulnerability.

Vulnerability Insight:
Missing token checks in the image actions of com_templates causes CSRF
vulnerabilities.

Affected Software/OS:
Joomla! versions 3.2.0 - 3.9.15.

Solution:
Update to version 3.9.16 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-10241
https://developer.joomla.org/security-centre/802-20200301-core-csrf-in-com-templates-image-actions

Copyright Copyright (C) 2020 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.143605
Category:	Web application abuses
Title:	Joomla! 3.2.0 - 3.9.15 CSRF Vulnerability
Summary:	Joomla! is prone to a cross-site request forgery (CSRF); vulnerability.
Description:	Summary: Joomla! is prone to a cross-site request forgery (CSRF) vulnerability. Vulnerability Insight: Missing token checks in the image actions of com_templates causes CSRF vulnerabilities. Affected Software/OS: Joomla! versions 3.2.0 - 3.9.15. Solution: Update to version 3.9.16 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-10241 https://developer.joomla.org/security-centre/802-20200301-core-csrf-in-com-templates-image-actions
Copyright	Copyright (C) 2020 Greenbone AG