Vulnerabilities > CVE-2021-26040 - Incorrect Authorization vulnerability in Joomla Joomla! 4.0.0

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
joomla
CWE-863
critical
NVD
Published: 2021-08-24
Updated: 2021-08-31

Summary

An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.

Vulnerable Configurations

Part Description Count
Application
Joomla
1

Common Weakness Enumeration (CWE)

References