CVE-2023-23754
MEDIUM6.1EPSS 0.03%[20230501] - Core - Open Redirect and XSS within the mfa select
Published: 4/3/2025Modified: 5/20/2025
Description
An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open redirect and XSS issue within the new mfa selection screen.
Affected packages (1)
- Bitnami/joomla>= 4.2.0, < 4.3.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |