Unrated severityNVD Advisory· Published Mar 4, 2021· Updated Feb 25, 2026
[20210301] - Core - Insecure randomness within 2FA secret generation
CVE-2021-23126
Description
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function within the process of generating the 2FA secret.
Affected products
1- Range: 3.2.0-3.9.24
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- developer.joomla.org/security-centre/841-20210301-core-insecure-randomness-within-2fa-secret-generation.htmlmitrex_refsource_MISCvendor-advisory
News mentions
0No linked articles in our index yet.