vulnerability
Joomla!: [20260305] - Core - Arbitrary file deletion in com_joomlaupdate (CVE-2026-23898)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:M/C:C/I:C/A:C) | Apr 1, 2026 | Apr 1, 2026 | Apr 3, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:C)
Published
Apr 1, 2026
Added
Apr 1, 2026
Modified
Apr 3, 2026
Description
Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism.
Solutions
joomla-upgrade-5_4_4joomla-upgrade-6_0_4
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.