18 matches found
BIT-JOOMLA-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
An improper access check allows unauthorized access to comconfig webservice endpoints...
BIT-JOOMLA-2026-48904 Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
CVE-2026-35223
CVE-2026-35223 affects Joomla! Core – com_config webservice endpoints. An improper access check enables unauthorized access, with critical/high impact per CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and high impact per CVSS 4.0 (AV:N/AC:L/PR:H/UI:N/VI:H/SC:N/SA:N/VA:H). Root cause: improper au...
CVE-2026-35223
An improper access check allows unauthorized access to comconfig webservice endpoints...
EUVD-2026-31877
An improper access check allows unauthorized access to comconfig webservice endpoints...
BIT-JOOMLA-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899
CVE-2026-23899 is not the primary entry here; connected document JOOMLA-1032 documents a concrete issue in Joomla! CMS: versions 4.0.0–5.4.3 and 6.0.0–6.0.3 are affected by an improper access check in webservice endpoints . The description confirms an access-control weakness at webservice endpoin...
CVE-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
Joomla 4.0.x < 5.4.4 / 6.0.x < 6.0.4 Joomla 6.0.4 & 5.4.4 Security & Bugfix Release (5944-joomla-6-0-4-5-4-4-security-bugfix-release)
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 5.4.4 or 6.0.x prior to 6.0.4. It is, therefore, affected by a vulnerability. - An improper access check allows unauthorized access to webservice endpoints. CVE-2026-23899 Note that...
[20260306] - Core - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
BIT-JOOMLA-2023-23752 [20230201] - Core - Improper access check in webservice endpoints
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints...
Joomla! Improper Access Control Vulnerability
Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints...
VulnCheck KEV: CVE-2023-23752
Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints...
Vulnerability fixed in Joomla!
Joomla has fixed a vulnerability. An unauthenticated remote malicious person could exploit the vulnerability to gain access to vulnerable servers without prior authentication to gain access to vulnerable web endpoints. The consequential damage depends on the endpoint and could potentially lead to...
CVE-2023-23752
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints...