Improper Access Control in Joomla Workflow Component
CVE-2026-48955

6.4MEDIUM

Key Information:

Vendor

Joomla

Vendor
CVE Published:
7 July 2026

What is CVE-2026-48955?

The Joomla Workflow Component is affected by a vulnerability that results from an improper access control mechanism. This flaw allows unauthorized users to gain access to sensitive workflow stage and transition information, potentially compromising the integrity of the workflow management system. It is crucial for users of the affected versions to apply available security patches to mitigate these risks.

Affected Version(s)

Joomla! CMS 6.0.0-6.1.1

References

CVSS V4

Score:
6.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

廖双
.