CVE-2026-35220 | Joomla CMS up to 6.1.0 Admin Activation Endpoint cross-site request forgery

A vulnerability classified as problematic has been found in Joomla CMS up to 6.1.0. The impacted element is an unknown function of the component Admin Activation Endpoint. The manipulation leads to cross-site request forgery.

This vulnerability is referenced as CVE-2026-35220. Remote exploitation of the attack is possible. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More