21 matches found
CVE-2026-48958 Joomla! Core - [20260712] - Incorrect Access Control in com_fields webservice endpoints
An improper access check allows unauthorized users to create custom fields via webservices endpoints...
CVE-2026-48958
CVE-2026-48958 affects Joomla! Core, specifically the com_fields webservice endpoints. The root cause is an improper access check, enabling unauthorized users to create custom fields via webservices endpoints. Documents confirm the vulnerability, its scope, and its impact, but do not specify any ...
[20260711] - Core - Incorrect Access Control in com_privacy webservice endpoints
An improper access check allows unauthorized users to access comprivacy datasets...
BIT-JOOMLA-2026-35223 Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
An improper access check allows unauthorized access to comconfig webservice endpoints...
BIT-JOOMLA-2026-48904 Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints
An improper access check allows privelege escalation through the comusers group editing webservice endpoint...
EUVD-2026-31877
An improper access check allows unauthorized access to comconfig webservice endpoints...
CVE-2026-35223
An improper access check allows unauthorized access to comconfig webservice endpoints...
CVE-2026-35223
CVE-2026-35223 affects Joomla! Core – com_config webservice endpoints. An improper access check enables unauthorized access, with critical/high impact per CVSS 3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and high impact per CVSS 4.0 (AV:N/AC:L/PR:H/UI:N/VI:H/SC:N/SA:N/VA:H). Root cause: improper au...
BIT-JOOMLA-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
CVE-2026-23899
The CVE-2026-23899 entry concerns Joomla! Core with an improper access check in webservice endpoints that allows unauthorized access. Multiple connected sources confirm: a core vulnerability in Joomla! enables access to webservice endpoints by circumventing access checks (no user interaction requ...
Joomla 4.0.x < 5.4.4 / 6.0.x < 6.0.4 Joomla 6.0.4 & 5.4.4 Security & Bugfix Release (5944-joomla-6-0-4-5-4-4-security-bugfix-release)
According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 5.4.4 or 6.0.x prior to 6.0.4. It is, therefore, affected by a vulnerability. - An improper access check allows unauthorized access to webservice endpoints. CVE-2026-23899 Note that...
[20260306] - Core - Improper access check in webservice endpoints
An improper access check allows unauthorized access to webservice endpoints...
BIT-JOOMLA-2023-23752 [20230201] - Core - Improper access check in webservice endpoints
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints...
Joomla! Improper Access Control Vulnerability
Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints...
VulnCheck KEV: CVE-2023-23752
Joomla! contains an improper access control vulnerability that allows unauthorized access to webservice endpoints...
Vulnerability fixed in Joomla!
Joomla has fixed a vulnerability. An unauthenticated remote malicious person could exploit the vulnerability to gain access to vulnerable servers without prior authentication to gain access to vulnerable web endpoints. The consequential damage depends on the endpoint and could potentially lead to...