Tuesday, August 31, 2021

Joomla!: [20210801] - Core - Insufficient access control for com_media deletion endpoint (CVE-2021-26040)

Description
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.
Solution(s)
  • joomla-upgrade-4_0_1


  • References
  • https://attackerkb.com/topics/cve-2021-26040
  • CVE - 2021-26040
  • http://developer.joomla.org/security-centre/861-20210801-core-insufficient-access-control-for-com-media-deletion-endpoint.html




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated