Nicholas Dionysopoulos

#35562 of 53,632
7.5 Total CVSS
Vulnerabilities · 1
PT-2021-16931
7.5
2021-07-07
Joomla · Joomla! · CVE-2021-26038
**Name of the Vulnerable Software and Affected Versions**
Joomla! versions 2.5.0 through 3.9.27

**Description**
An issue was discovered in the install action of com_installer, where it lacks the required hardcoded ACL checks for superusers. However, a default system is not affected because the default ACL for com_installer is already limited to super users.

**Recommendations**
For Joomla! versions 2.5.0 through 3.9.27, consider restricting access to the com_installer component to minimize the risk of exploitation until a patch is available.