Primary

Context

Joomla! CMS Incorrect Access Control Vulnerability in com_scheduler Component

Vulnerability

Patched

A vulnerability exists in Joomla! CMS versions 4.1.0 through 5.4.5 and 6.0.0 through 6.1.0, allowing low privileged users to edit the task types of existing scheduler tasks due to improper access checks. This incorrect access control could be exploited to modify task types, potentially leading to unauthorized changes in task scheduling and management.

Impact

Exploitation of this vulnerability could allow low privileged users to gain unauthorized access to modify scheduler tasks, potentially disrupting scheduled operations or workflows.

Remediation

Users can upgrade to Joomla! CMS versions 5.4.6 or 6.1.1 to address this vulnerability.

Added: May 26, 2026, 10:57 PM

Updated: May 26, 2026, 10:57 PM

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

0.6

exploitability

5.0

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.6

impact

0.6

exploitability

5.0

remediation

7.7

relevance

9.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Joomla! CMS Incorrect Access Control Vulnerability in com_scheduler Component

Vulnerability

Impact

Remediation

Affected Products

Joomla

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating