Back to Live Pulse
CriticalJceImproper Access Control
CVE-2026-48907
Description
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution.
Proof of Concept (POC) Links
Explore how this vulnerability can be reproduced or exploited.