Joomla! before 3.9.13 Cross-Site Request Forgery (CSRF) Vulnerability

Summary

A missing token check in com_template causes a CSRF vulnerability.

 

Credit:

The information has been provided by Vendor

The original article can be found at:https://developer.joomla.org/security-centre/794-20191001-core-csrf-in-com-template-overrides-view.html

 


Details

An issue was discovered in Joomla! before 3.9.13. A missing token check-in com_template causes a CSRF vulnerability.

 

Vulnerable Systems:

Joomla before 3.9.13

 

CVE Information:

CVE-2019-18650

 

Disclosure Timeline:
Published Date:11/5/2019