PT-2026-56231 · Joomla · Joomla! Cms

Federico Brasili

·

Published

2026-07-07

·

Updated

2026-07-07

·

CVE-2026-48958

CVSS v4.0

6.4

Medium

VectorAV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
An improper access check allows unauthorized users to create custom fields via webservices endpoints.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-48958

Affected Products

Joomla! Cms