Known Vulnerabilities
CVE-2021-26034
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in data download endpoints in com_banners and com_sysinfo.
UNKNOWN
Published May 26, 2021
CVE-2021-26033
An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.
UNKNOWN
Published May 26, 2021
CVE-2021-26032
An issue was discovered in Joomla! 3.0.0 through 3.9.26. HTML was missing in the executable block list of MediaHelper::canUpload, leading to XSS attack vectors.
UNKNOWN
Published May 26, 2021