Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2024-21722

The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.

Published: Feb 29, 2024
Updated: Mar 1, 2024
CVE: CVE-2024-21722
Exploit:

No technical information available.

CWEs:

CWE-613

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
Joomla / joomla	5.0.0	5.0.3
Joomla / joomla	4.0.0	4.4.3
Joomla / joomla	3.2.0	3.10.15

https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html