CVE-2023-23755

HIGH

Joomla! < 4.3.2 - Brute Force

Title source: rule

Description

An issue was discovered in Joomla! 4.2.0 through 4.3.1. The lack of rate limiting allowed brute force attacks against MFA methods.

References (1)

Scores

CVSS v3 7.5
EPSS 0.0001
EPSS Percentile 0.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-307
Status published

Affected Products (1)

joomla/joomla\! < 4.3.2

Timeline

Published May 30, 2023
Tracked Since Feb 18, 2026