The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
References
Configurations
Configuration 1 (hide)
|
History
02 Jun 2025, 15:28
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* | |
| First Time |
Joomla
Joomla joomla\! |
|
| References | () https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html - Vendor Advisory |
21 Nov 2024, 08:54
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html - |
30 Oct 2024, 18:35
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.3 |
29 Feb 2024, 01:44
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-29 01:44
Updated : 2025-06-02 15:28
NVD link : CVE-2024-21722
Mitre link : CVE-2024-21722
CVE.ORG link : CVE-2024-21722
JSON object : View
Products Affected
joomla
- joomla\!
CWE
CWE-613
Insufficient Session Expiration