- Project: Joomla!
- SubProject: CMS
- Impact: High
- Severity: Low
- Versions: 2.5.0 through 3.8.7
- Exploit type: ACL violation
- Reported Date: 2018-March-08
- Fixed Date: 2018-May-22
- CVE Number: CVE-2018-11323
Inadequate checks allowed users to modify the access levels of user groups with higher permissions.
Joomla! CMS versions 2.5.0 through 3.8.7
Upgrade to version 3.8.8
The JSST at the Joomla! Security Centre.
Reported By: Matias Aguirre, JSSTJoomla is available using 1 click install in Cloud Server cPanel and Cloud Server Webuzo. Contact us to find out our latest offers!