diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index de627e6217..ba51befde5 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -134,6 +134,7 @@
 		<li>[Fix] Custom profile fields with date type should be timezone independend (Bug #15003)</li>
 		<li>[Fix] Fixing some XHTML errors/warnings within the ACP (Bug #22875)</li>
 		<li>[Fix] Warnings if poll title/options exceed maximum characters per post (Bug #22865)</li>
+		<li>[Fix] Do not allow selecting non-authorized groups within memberlist by adjusting URL (Bug #22805 - patch provided by ToonArmy)</li>
 
 	</ul>
 
diff --git a/phpBB/memberlist.php b/phpBB/memberlist.php
index d021581cb2..7244a09591 100644
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@@ -1237,6 +1237,7 @@ switch ($mode)
 		{
 			$group_selected = request_var('search_group_id', 0);
 			$s_group_select = '<option value="0"' . ((!$group_selected) ? ' selected="selected"' : '') . '>&nbsp;</option>';
+			$group_ids = array();
 
 			if ($auth->acl_gets('a_group', 'a_groupadd', 'a_groupdel'))
 			{
@@ -1261,10 +1262,16 @@ switch ($mode)
 
 			while ($row = $db->sql_fetchrow($result))
 			{
+				$group_ids[] = $row['group_id'];
 				$s_group_select .= '<option value="' . $row['group_id'] . '"' . (($group_selected == $row['group_id']) ? ' selected="selected"' : '') . '>' . (($row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
 			}
 			$db->sql_freeresult($result);
 
+			if ($group_selected !== 0 && !in_array($group_selected, $group_ids))
+			{
+				trigger_error('NO_GROUP');
+			}
+
 			$template->assign_vars(array(
 				'USERNAME'	=> $username,
 				'EMAIL'		=> $email,