Description
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Telegram (Auto Post and Notifications) Unspecified Vulnerability (2.1.8)
Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2023-35941)
WordPress Plugin Simple Download Monitor Multiple Vulnerabilities (3.9.5.1)
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (6.1.5)