CVE-2024-21722 Information

Description

The MFA management features did not properly terminate existing user sessions when a user’s MFA methods have been modified.

Reference

https://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html