CVE-2020-11890

MEDIUM

Joomla! < 3.9.17 - Improper Input Validation in Usergroup Table

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-11890. PoCs published by HoangKien1020.

AI-analyzed exploit summary This PoC exploits CVE-2020-11890 in Joomla by manipulating usergroup ACLs to escalate privileges from admin to superadmin, then achieves RCE via template file modification. It includes a full exploit chain with authentication, privilege escalation, and remote command execution.

Description

An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration.

Exploits (1)

nomisec WORKING POC 62 stars

by HoangKien1020 · poc

https://github.com/HoangKien1020/CVE-2020-11890

View Code ZIP pw:eip

This PoC exploits CVE-2020-11890 in Joomla by manipulating usergroup ACLs to escalate privileges from admin to superadmin, then achieves RCE via template file modification. It includes a full exploit chain with authentication, privilege escalation, and remote command execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Joomla core before 3.9.17

Auth required

Prerequisites: Admin account (not superadmin) · Network access to Joomla administrator interface

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://developer.joomla.org/security-centre/810-20200402-core-missing-checks-for-the-root-usergroup-in-usergroup-table.html

Scores

CVSS v3 5.3

EPSS 0.0276

EPSS Percentile 84.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE

CWE-20

Status published

Products (1)

joomla/joomla\! 2.5.0 - 3.9.17

Published Apr 21, 2020

Tracked Since Feb 18, 2026