- Project: Joomla!
- SubProject: CMS
- Impact: Low
- Severity: Low
- Versions: 3.7.0 through 3.8.11
- Exploit type: ACL Violation
- Reported Date: 2018-July-10
- Fixed Date: 2018-August-28
- CVE Number: CVE-2018-15881
Description
Inadequate checks regarding disabled fields can lead to an ACL violation.
Affected Installs
Joomla! CMS versions 3.7.0 through 3.8.11
Solution
Upgrade to version 3.8.12
Contact
The JSST at the Joomla! Security Centre.