What the vulnerability does
01Description
An improper access check allows privilege escalation through the com_users batch task.
CVSS base score
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
What the vulnerability does
An improper access check allows privilege escalation through the com_users batch task.
Explanation of Vulnerability in Simple Terms
Joomla! CMS versions 4.0.0 through 5.4.5 contain an access control flaw that allows unauthenticated attackers to modify site data over the network. The vulnerability requires specific timing or conditions to exploit but does not require user interaction. Site administrators should update to a version newer than 5.4.5 as soon as a patch is available.
What an attacker can do
Modify site data without authentication.
Potential impact on your site
Unauthorized changes to site content, settings, or data by remote attackers.
Conditions required to exploit
Network access; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities