CVE-2018-17855

An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of an user who can approve admin verifications in the registration process, he can activate himself.

Date published : 2018-10-09

http://www.securityfocus.com/bid/105559

https://developer.joomla.org/security-centre/754-20181004-core-acl-violation-in-com-users-for-the-admin-verification