VYPR
Medium severity4.3NVD Advisory· Published May 26, 2026· Updated May 27, 2026

CVE-2026-35220

CVE-2026-35220

Description

Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of com_users.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

1