Description
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently gain read access to data which should be access restricted to users with edit_own level. Joomla! Core versions ranging from 1.6.0 and up to and including 3.6.0 are vulnerable.
Remediation
Update to Joomla! Core version 3.6.1 or latest
References
Related Vulnerabilities
WordPress Plugin Relevanssi-A Better Search Cross-Site Scripting (3.3.7.1)
Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)
WordPress Plugin ARForms:Wordpress Form Builder Arbitrary File Deletion (3.7.1)
WordPress 3.8.x Arbitrary File Deletion Vulnerability (3.8 - 3.8.26)
WordPress Plugin Ultimate Maps by Supsystic Cross-Site Scripting (1.2.4)