The MFA management features did not properly terminate existing user sessions when a user's MFA methods have been modified.CreditsCarsten SchmitzReferenceshttps://developer.joomla.org/security-centre/925-20240201-core-insufficient-session-expiration-in-mfa-management-views.html
