
Brian Teeman

Researcher from JSST
#20169 of 53,633
12.8 Total CVSS
Vulnerabilities · 2 (Medium: 1, High: 1)
PT-2021-16920
5.3
2021-03-04
Joomla · Joomla! · CVE-2021-26027
**Name of the Vulnerable Software and Affected Versions** Joomla! versions 3.0.0 through 3.9.24

**Description** An issue was discovered where incorrect ACL checks could allow unauthorized change of the category for an article.

**Recommendations** For Joomla! versions 3.0.0 through 3.9.24, update to a version that includes the fix for this issue to prevent unauthorized changes to article categories.

PT-2020-13664
7.5
2020-06-02
Joomla · Joomla! · CVE-2020-13763
**Name of the Vulnerable Software and Affected Versions** Joomla! versions prior to 3.9.19

**Description** The default settings of the global textfilter configuration in Joomla! do not block HTML inputs for Guest users. This issue may allow unauthorized users to inject malicious HTML code.

**Recommendations** For versions prior to 3.9.19, update to version 3.9.19 or later to resolve the issue. As a temporary workaround, consider modifying the global textfilter configuration to block HTML inputs for Guest users. Restrict access to sensitive areas of the application to minimize the risk of exploitation.