Hello,

The System Message "The security token did not match. The request was aborted to prevent any security breach. Please try again." does not make a sense, when I try to perform a logout in the backend in Joomla 4.1.0,
even on a already expired session.

Better user experience would be that, in case of a Logout-action, this message is silently supressed,

because it doesn't matter at this point,

a) The session(-Token) is already expired, the user already can't do anything on the system
b) The user want to logout (and already was silently at this point by exeeding max Session time), so presenting him the expected login form after he clicked in the Backend User Menu on "Logout" is the best experience.
No need fpr a irritating and at this point useless, System message.

Steps to reproduce the issue

• Login into to the Joomla Backend
• Set the Session Lifetime (for your convienience) to a short value like 1 min in Global Configuration >> System or use the default Session Lifetime value (15 min).
• save your changes.
• Wait until your Session exceed the Session Lifetime value.
• Click in the upper right on the User Menu and on the Menu Item "Log out"

Expected result

• Session is (already) canceled, no check of a valid security token is needed in case of a self-logout-action
• User is redirected to the Backend Login Form without the Session token invalid message

Actual result

• Session is already expired, backend still checks on valid security token
• User is redirected to Backend Login Form, the System Message apperears that his used Security Token isn't valid anymore.

System information (as much as possible)

Additional comments