ГлавнаяУязвимости → CVE-2026-48902
9.8критическая

CVE-2026-48902

Описание

The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set.

Затрагиваемое ПО
Joomla Joomla\!
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://developer.joomla.org/security-centre/1050-20260518-core-transport-encryption-downgrade-for-password-and-username-reset-links.html