CVE-2026-48947
Joomla! Core - [20260701] - Incorrect Access Control in com_media webservice endpoints
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
An improper access check allows privileged users to overwrite media files without editing permissions.
| CWE | CWE-284 |
| Vendor | joomla! project |
| Product | joomla! cms |
| Published | Jul 7, 2026 |
| Last Updated | Jul 8, 2026 |
Stay Ahead of the Next One
Get instant alerts for joomla! project joomla! cms
Be the first to know when new unknown vulnerabilities affecting joomla! project joomla! cms are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Joomla! Project / Joomla! CMS
4.1.0-5.4.6 6.0.0-6.1.1
References
Credits
Federico Brasili, https://www.linkedin.com/in/federico-brasili-00b4b7332/