CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.

**\[20230502\] - Core - Bruteforce prevention within the mfa screen**

*   **Project:** Joomla!
*   **SubProject:** CMS
*   **Impact:** Critical
*   **Severity:** Moderate
*   **Probability:** Low
*   **Versions:** 4.2.0-4.3.1
*   **Exploit type:** Lack of rate limiting
*   **Reported Date:** 2023-04-29
*   **Fixed Date:** 2023-05-30
*   **CVE Number:** CVE-2023-23755

**Description**

The lack of rate limiting allows brute force attacks against MFA methods.

**Affected Installs**

Joomla! CMS versions 4.2.0-4.3.1

**Solution**

Upgrade to version 4.3.2

**Contact**

The JSST at the Joomla! Security Centre.

**Reported By:**  Phil Taylor

Headline

CVE-2023-23755: Joomla! Developer Network

CVE: Latest News