CVE-2020-13760

In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.