CVE-2024-21722

CVE-2024-21722: [20240201] - Core - Insufficient session expiration in MFA management views

Vendor Joomla! Project
Product Joomla! CMS
Weakness CWE-613 · Insufficient session expiration
Published February 20, 2024
Last update November 3, 2024

CVSS base score

What the vulnerability does

01Description

The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.

Key dates

02Disclosure timeline

February 20, 2024 CVE published
November 3, 2024 Record updated