What the vulnerability does
01Description
An improper access check allows privileged users to overwrite media files without editing permissions.
CVSS base score
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H
What the vulnerability does
An improper access check allows privileged users to overwrite media files without editing permissions.
Explanation of Vulnerability in Simple Terms
Joomla! CMS versions 4.1.0 through 5.4.6 contain an access control flaw that allows high-privilege users to modify site integrity and availability settings they should not have access to. The vulnerability requires an authenticated administrator account and does not expose confidential data. Site owners should update to a version newer than 5.4.6 when available.
What an attacker can do
A high-privilege user can modify site integrity and availability settings beyond their authorized scope.
Potential impact on your site
Unauthorized configuration changes by admins could degrade site stability or alter critical settings.
Conditions required to exploit
Attacker must have an authenticated administrator account with high privileges.
Key dates
External resources
Related vulnerabilities