PT-2020-17367 · Open Source Matters · Joomla!
Lee Thao
·
Published
2020-12-28
·
Updated
2025-04-03
·
CVE-2020-35615
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Joomla! versions 2.5.0 through 3.9.22
Description
A missing token check in the
emailexport feature of com privacy causes a CSRF issue.Recommendations
For Joomla! versions 2.5.0 through 3.9.22, update to a version that includes the fix for the missing token check in the
emailexport feature of com privacy.
As a temporary workaround, consider disabling the emailexport feature of com privacy until a patch is available.Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Joomla!