CVE-2018-11323
An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions.
Date published : 2018-05-22
http://www.securityfocus.com/bid/104276
https://developer.joomla.org/security-centre/729-20180501-core-acl-violation-in-access-levels.html