vulnerability

Joomla!: [20200401] - Core - Incorrect access control in com_users access level editing function (CVE-2020-11891)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	2020-04-22	2020-04-22	2020-05-01

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

2020-04-22

Added

2020-04-22

Modified

2020-05-01

Description

An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.

Solution

joomla-upgrade-3_9_17

References

CVE-2020-11891
https://attackerkb.com/topics/CVE-2020-11891
URL-http://developer.joomla.org/security-centre/809-20200401-core-incorrect-access-control-in-com-users-access-level-editing-function.html

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today