2008-01-04 01:00:00
mitre
PUBLISHED
Joomla! before 1.5 RC4 allows remote authenticated administrators to promote arbitrary users to the administrator group, in violation of the intended security model.