An issue was discovered in Joomla! 3.0.0 through 3.9.26. A missing token check causes a CSRF vulnerability in the AJAX reordering endpoint.
{ "severity": "Medium", "cpes": [ "cpe:2.3:a:joomla:joomla!:*:*:*:*:*:*:*:*" ] }