What the vulnerability does
01Description
The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set.
CVSS base score
What the vulnerability does
The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set.
Explanation of Vulnerability in Simple Terms
Insufficient metadata provided to generate a reliable CVE summary. The CVSS score, vector, CWE classification, and patched version are all unknown. A Joomla! CMS vulnerability affecting versions 3.9.0-5.4.5 has been reported, but the nature of the vulnerability, its severity, and the required fix cannot be determined from the available data.
What an attacker can do
Unknown — insufficient vulnerability details provided.
Potential impact on your site
Unable to assess impact without CVSS score and vulnerability classification.
Conditions required to exploit
Unknown — CVSS vector and CWE data missing.
Key dates
External resources