CVE-2020-11891

MEDIUM5.3EPSS 0.01%

Published: 4/3/2025Modified: 4/3/2025

Description

An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.

Affected packages (1)

Bitnami/joomla>= 3.8.8, < 3.9.17

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References (2)

WEBhttps://developer.joomla.org/security-centre/809-20200401-core-incorrect-access-control-in-com-users-access-level-editing-function.html
WEBhttps://nvd.nist.gov/vuln/detail/CVE-2020-11891