Primary

Context

Joomla! CMS Improper Access Control Vulnerability in Webservice Endpoints

Vulnerability

Patched

A vulnerability exists in Joomla! CMS versions 4.0.0 through 5.4.3 and 6.0.0 through 6.0.3, allowing unauthorized access to webservice endpoints due to an improper access check. This flaw could be exploited to gain unauthorized access to certain functionalities or data exposed by these webservice endpoints.

Impact

Exploitation of this vulnerability could lead to unauthorized access to webservice endpoints, potentially allowing attackers to interact with or manipulate data and functionalities exposed by these services.

Remediation

Users are advised to upgrade to Joomla! CMS version 5.4.4 or 6.0.4.

Added: Apr 1, 2026, 10:18 AM

Updated: Apr 1, 2026, 10:18 AM

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

5.0

exploitability

7.6

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

5.0

exploitability

7.6

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Joomla! CMS Improper Access Control Vulnerability in Webservice Endpoints

Vulnerability

Impact

Remediation

Affected Products

Joomla! CMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating