Vulnerability in Joomla! Project Cms

CVE-2026-23899

An improper access check allows unauthorized access to webservice endpoints.

EPSS: 0.000 (0.0th percentile) — read the EPSS interpretation.

Affected products

Joomla! Project Cms — versions 4.0.0-5.4.3, 6.0.0-6.0.3

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

developer.joomla.org/security-centre/1032-20260306-core-improper-access-check-i… (vendor-advisory)