CVE-2020-35615
MEDIUM WAF: Low
CVSS 6.3
Published: 2020-12-28
CWE-352
An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.
WAF Coverage Analysis
Cross-Site Request Forgery (CSRF)
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| joomla | joomla\! | 2.5.0 - 3.9.22 |
References
- developer.joomla.org (Vendor Advisory)