The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.
{ "cpes": [ "cpe:2.3:a:joomla:joomla!:*:*:*:*:*:*:*:*" ], "severity": "Medium" }