What the vulnerability does
01Description
An improper access check allows privilege escalation through the com_users batch task.
CVSS base score
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
What the vulnerability does
An improper access check allows privilege escalation through the com_users batch task.
Explanation of Vulnerability in Simple Terms
Joomla! CMS versions 4.0.0 through 5.4.5 contain an access control flaw that allows authenticated users with low privileges to access resources or perform actions they should not be able to. The vulnerability requires a valid user account but no additional user interaction. Site administrators should update to a version newer than 5.4.5 to remediate this issue.
What an attacker can do
An authenticated user can access or modify resources beyond their assigned permission level.
Potential impact on your site
Authenticated users may view or alter content, settings, or data they should not have access to.
Conditions required to exploit
Attacker must have a valid Joomla user account with low-level privileges.
Key dates
External resources
Related vulnerabilities