2 matches found
CVE-2026-48958
An improper access check allows unauthorized users to create custom fields via webservices endpoints...
CVE-2026-48958
In Joomla! Core, the CVE-2026-48958 issue is due to improper access control in the com_fields webservice endpoints, enabling unauthorized users to create custom fields via web services. Affected versions include Joomla! 4.0.x (before 5.4.7) and 6.0.x (before 6.1.2). The underlying impact is eleva...