An improper access check allows unauthorized users to create custom fields via webservices endpoints.CreditsFederico Brasili, https://www.linkedin.com/in/federico-brasili-00b4b7332/Referenceshttps://developer.joomla.org/security-centre/1066-20260712-core-incorrect-access-control-in-com-fields-webservice-endpoints.html