Description

An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.

Remediation

References

CVE-2020-11891

Related Vulnerabilities

WordPress Improper Input Validation Vulnerability (CVE-2013-5738)

WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone Cross-Site Scripting (3.2.2)

SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1023)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.3.4)

Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)

Severity

Medium

Classification

CVE-2020-11891 CWE-863 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities