42 matches found
BIT-JOOMLA-2026-48904 Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-48904
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-48898
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48899
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-35220
This CVE (CVE-2026-35220) concerns Joomla! core (com_users) with an admin activation endpoint lacking CSRF token validation. The underlying issue enables a CSRF attack vector against the activation flow, as indicated by the description from multiple sources. The CVSS assessment (4.6, MEDIUM) refl...
CVE-2026-48899 Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48899 Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
An improper access check allows privilege escalation through the comusers batch task...
EUVD-2026-31880
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48899
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48904 Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-48904
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-48904 Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-48904
CVE-2026-48904 affects Joomla! Core via the com_users webservice endpoints. An improper access check enables privilege escalation from group editing operations, leading to potential HIGH/CRITICAL impact per cited CVSS vectors (C/H, I/H, A/H). The public material specifies the affected component (...
EUVD-2026-31875
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
An improper access check allows privilege escalation through the comusers batch task...
EUVD-2026-31873
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48898 Joomla! Core - [20260513] - Privilege escalation through com_users batch task
An improper access check allows privilege escalation through the comusers batch task...
CVE-2026-48898
An improper access check allows privilege escalation through the comusers batch task...
Joomla! CMS 访问控制错误漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability allows for privilege escalation through the comusers batch task...
Joomla! CMS 访问控制错误漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control. This vulnerability arises from improper access checks, allowing unauthorized users to elevate their privileges by editing Web service...