CVE-2021-26038

Summary

An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.

Affected Software

VendorProductVersion RangeStatus
Joomla! ProjectJoomla! CMS2.5.0-3.9.27affected

Weaknesses

  • CSRF

ADP Enrichment

CVE Program Container

Additional References

References