NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-48907

Summary	A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.
Publication Date	June 5, 2026, 5:16 p.m.
Registration Date	June 6, 2026, 4:17 a.m.
Last Update	June 6, 2026, 1:05 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.joomlacontenteditor.net/	security@joomla.org

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-284	不適切なアクセス制御	https://cwe.mitre.org/data/definitions/284.html