Unrated severityNVD Advisory· Published Mar 4, 2021· Updated Feb 25, 2026
[20210301] - Core - Insecure randomness within 2FA secret generation
CVE-2021-23127
Description
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an insufficient length for the 2FA secret accoring to RFC 4226 of 10 bytes vs 20 bytes.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
1- developer.joomla.org/security-centre/841-20210301-core-insecure-randomness-within-2fa-secret-generation.htmlmitrex_refsource_MISCvendor-advisory
News mentions
0No linked articles in our index yet.