Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
[20210703] - Core - Lack of enforced session termination
Vulnerability Description
An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Joomla! CMS 代码问题漏洞
Vulnerability Description
Joomla!是一套使用在Joomla!内容管理系统中的论坛组件。 Joomla! CMS 2.5.0 - 3.9.27存在代码问题漏洞,该漏洞源于修改用户密码或阻止用户帐户时,会话过期时间不足。远程的未经身份验证的攻击者可利用该漏洞获得或猜测会话令牌,并获得对属于另一个用户的会话的未经授权的访问。
CVSS Information
N/A
Vulnerability Type
N/A