Description
An improper access check allows privelege escalation through the com_users group editing webservice endpoint.
Published: 2026-05-26
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An improper access control check in the com_users group editing webservice endpoint of Joomla! CMS allows an attacker to upscale privileges. By exploiting this flaw, an attacker could gain elevated privileges, potentially controlling the entire site and all administrative functions.

Affected Systems

This vulnerability affects Joomla! CMS as developed by the Joomla! Project. No specific release versions are listed in the advisory, so all installations using the com_users webservice endpoint could be susceptible.

Risk and Exploitability

The CVSS score of 8.2 indicates a high severity and the absence of an EPSS score means that the exploit probability is not quantified. The vulnerability is not currently listed in CISA KEV. The likely attack vector is remote, based on the webservice endpoint; an attacker with network access to the CMS backend can manipulate requests to execute the privilege escalation.

Generated by OpenCVE AI on May 26, 2026 at 22:38 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Joomla! CMS to the latest version that contains the fix for the com_users webservice access control issue
  • If an immediate update is not possible, disable the com_users webservice endpoint or restrict its access to trusted IP addresses
  • Monitor user account creation, role changes, and audit logs for abnormal privilege changes to detect potential exploitation

Generated by OpenCVE AI on May 26, 2026 at 22:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 27 May 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Joomla joomla!
Vendors & Products Joomla joomla!

Tue, 26 May 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Joomla
Joomla joomla\!
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
Vendors & Products Joomla
Joomla joomla\!
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Tue, 26 May 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 26 May 2026 17:00:00 +0000

Type Values Removed Values Added
Description An improper access check allows privelege escalation through the com_users group editing webservice endpoint.
Title Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints
Weaknesses CWE-284
References
Metrics cvssV4_0

{'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

Joomla Joomla! Joomla\!
cve-icon MITRE

Status: PUBLISHED

Assigner: Joomla

Published:

Updated: 2026-05-27T09:12:13.794Z

Reserved: 2026-05-26T10:06:17.656Z

Link: CVE-2026-48904

cve-icon Vulnrichment

Updated: 2026-05-26T17:26:30.739Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-26T17:16:55.203

Modified: 2026-05-26T20:53:15.127

Link: CVE-2026-48904

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-27T10:04:34Z

Weaknesses