Description
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.
Solution(s)
joomla-upgrade-4_0_1
Referenceshttps://attackerkb.com/topics/cve-2021-26040 CVE - 2021-26040 http://developer.joomla.org/security-centre/861-20210801-core-insufficient-access-control-for-com-media-deletion-endpoint.html