CVE-2021-26038 is a vulnerability in Joomla
Published on July 7, 2021

[20210704] - Core - Privilege escalation through com_installer
An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks for superusers. A default system is not affected cause the default ACL for com_installer is limited to super users already.

Vendor Advisory NVD

Products Associated with CVE-2021-26038

Want to know whenever a new CVE is published for Joomla? stack.watch will email you.

Joomla

Affected Versions

Joomla! Project Joomla! CMS Version 2.5.0-3.9.27 is affected by CVE-2021-26038

Exploit Probability

EPSS

0.01%

Percentile

1.26%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-26038 is a vulnerability in JoomlaPublished on July 7, 2021

Products Associated with CVE-2021-26038

Affected Versions

Exploit Probability

CVE-2021-26038 is a vulnerability in Joomla
Published on July 7, 2021