Incorrect ACL checks in the access level section of com_users allow the unauthorized deletion of usergroups.
Joomla! CMS versions 2.5.0 - 3.9.16
Upgrade to version 3.9.17
The JSST at the Joomla! Security Centre.
Inproper input validations in the usergroup table class could lead to a broken ACL configuration.
Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.
Joomla! CMS versions 3.8.8 - 3.9.16
The lack of type casting of a variable in SQL statement leads to a SQL injection vulnerability in the "Featured Articles" frontend menutype.
Joomla! CMS versions 1.7.0 - 3.9.15
Upgrade to version 3.9.16
Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses.
Joomla! CMS versions 3.0.0 - 3.9.15