An issue was discovered in Joomla! 2.5.0 through 3.9.27. CMS functions did not properly termine existing user sessions when a user's password was changed or the user was blocked.
References
Link | Resource |
---|---|
https://developer.joomla.org/security-centre/858-20210703-core-lack-of-enforced-session-termination.html | Vendor Advisory |
Configurations
Information
Published : 2021-07-07 04:15
Updated : 2021-07-09 07:17
NVD link : CVE-2021-26037
Mitre link : CVE-2021-26037
JSON object : View
CWE
CWE-613
Insufficient Session Expiration
Products Affected
joomla
- joomla\!