What the vulnerability does
01Description
An improper access check allowed low privileged users to edit the task types of existing scheduler tasks.
CVSS base score
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H
What the vulnerability does
An improper access check allowed low privileged users to edit the task types of existing scheduler tasks.
Explanation of Vulnerability in Simple Terms
Joomla! CMS versions 4.1.0 through 5.4.5 contain an access control flaw that allows high-privilege users to modify site configuration beyond their intended permissions. The vulnerability affects multiple system functions due to improper authorization checks. Site administrators should update to a patched version as soon as available.
What an attacker can do
A high-privilege user can modify site settings and configuration they should not have access to.
Potential impact on your site
Unauthorized changes to site configuration, settings, or data by privileged users with restricted roles.
Conditions required to exploit
Attacker must have high-level administrative privileges on the Joomla site.
Key dates
External resources
Related vulnerabilities