Joomla Security Announcements – Core – 2-factor-authentication bypass

Joomla Security Announcements – Core – 2-factor-authentication bypass
5 (100%) 4 votes
  • Project: Joomla!
  • SubProject: CMS
  • Severity: Medium
  • Versions: 3.2.0 through 3.8.1
  • Exploit type:
  • Reported Date: 2017-October-31
  • Fixed Date: 2017-November-07
  • CVE Number: CVE-2017-16634

Description

A bug allowed third parties to bypass a user’s 2-factor-authentication method.

Affected Installs

Joomla! CMS versions 3.2.0 through 3.8.1

Solution

Upgrade to version 3.8.2

WP Facebook Auto Publish Powered By : XYZScripts.com