Description
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.
Remediation
References
Related Vulnerabilities
WordPress Plugin Category Grid View Gallery Cross-Site Scripting (2.3.3)
JBoss Application Server Improper Privilege Management Vulnerability (CVE-2012-2312)
WebLogic CVE-2018-2902 Vulnerability (CVE-2018-2902)
PHP Improper Certificate Validation Vulnerability (CVE-2015-3152)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15729)