CVE-2021-26034

[20210503] - Core - CSRF in data download endpoints

EPSS 0.6%

An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.

Affected products

Joomla! Project · Joomla! CMS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://developer.joomla.org/security-centre/854-20210503-core-csrf-in-data-download-endpoints.html