Refine your search
102 vulnerabilities found for by Joomla! Project
CVE-2026-35221 (GCVE-0-2026-35221)
Vulnerability from cvelistv5
Published
2026-05-26 16:46
Modified
2026-05-27 09:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 6.0.0-6.1.0 Version: 5.4.0-5.4.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:48:47.050683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:09:03.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "6.0.0-6.1.0"
},
{
"status": "affected",
"version": "5.4.0-5.4.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adrian Junge aka vurlo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder."
}
],
"value": "Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:15:29.303Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1038-20260506-core-authenticated-blind-sqli-in-com-finder.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260506] - Authenticated blind SQLi in com_finder",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-35221",
"datePublished": "2026-05-26T16:46:10.415Z",
"dateReserved": "2026-04-01T19:23:13.196Z",
"dateUpdated": "2026-05-27T09:15:29.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48903 (GCVE-0-2026-48903)
Vulnerability from cvelistv5
Published
2026-05-26 16:46
Modified
2026-05-27 09:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! Framework Filter package |
Version: 1.0.0-3.0.5 Version: 4.0.0-4.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48903",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:48:55.382555Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:09:17.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! Framework Filter package",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "1.0.0-3.0.5"
},
{
"status": "affected",
"version": "4.0.0-4.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "JSST"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components."
}
],
"value": "Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:15:23.009Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1051-20260519-framework-inadequate-content-filtering-within-the-checkattribute-filter-code.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Framework - [20260519] - Inadequate content filtering within the checkAttribute filter code.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48903",
"datePublished": "2026-05-26T16:46:05.152Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:15:23.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48896 (GCVE-0-2026-48896)
Vulnerability from cvelistv5
Published
2026-05-26 16:45
Modified
2026-05-27 09:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
Insufficient state checks lead to a vector that allows to bypass 2FA checks.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:56:43.158826Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:57:20.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Doyensec in collaboration with Claude and Anthropic Research"
},
{
"lang": "en",
"type": "finder",
"value": "Christos Papakonstantinou, Cantina"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient state checks lead to a vector that allows to bypass 2FA checks."
}
],
"value": "Insufficient state checks lead to a vector that allows to bypass 2FA checks."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115: Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:15:12.329Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1043-20260511-core-mfa-authentication-bypass.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260511] - MFA Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48896",
"datePublished": "2026-05-26T16:45:55.573Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:15:12.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35220 (GCVE-0-2026-35220)
Vulnerability from cvelistv5
Published
2026-05-26 16:45
Modified
2026-05-27 09:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of com_users.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:49:20.616038Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:09:30.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sun HuangnSec"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of com_users."
}
],
"value": "Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of com_users."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:14:34.686Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1037-20260505-core-csrf-in-user-activation-endpoint"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260505] - CSRF in user activation endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-35220",
"datePublished": "2026-05-26T16:45:19.690Z",
"dateReserved": "2026-04-01T19:23:13.196Z",
"dateUpdated": "2026-05-27T09:14:34.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40383 (GCVE-0-2026-40383)
Vulnerability from cvelistv5
Published
2026-05-26 16:45
Modified
2026-05-27 09:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
Summary
An improper validation of user-supplied input leads to a local file inclusion vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 3.2.1-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40383",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T18:58:29.241684Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:59:09.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.2.1-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Doyensec in collaboration with Claude and Anthropic Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper validation of user-supplied input leads to a local file inclusion vulnerability."
}
],
"value": "An improper validation of user-supplied input leads to a local file inclusion vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-252",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-252 PHP Local File Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:14:28.517Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1041-20260509-core-lfi-in-htmlview-layout-parameter.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260509] - LFI in HTMLView layout parameter",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-40383",
"datePublished": "2026-05-26T16:45:14.402Z",
"dateReserved": "2026-04-12T05:13:31.714Z",
"dateUpdated": "2026-05-27T09:14:28.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35222 (GCVE-0-2026-35222)
Vulnerability from cvelistv5
Published
2026-05-26 16:45
Modified
2026-06-05 07:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 6.0.0-6.1.0 Version: 4.0.0-5.4.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T19:14:06.766795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T14:37:50.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "6.0.0-6.1.0"
},
{
"status": "affected",
"version": "4.0.0-5.4.5"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adrian Junge aka vurlo"
},
{
"lang": "en",
"type": "finder",
"value": "Federico Brasili, https://www.linkedin.com/in/federico-brasili-00b4b7332/"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improperly validated order clauses lead to a SQL injection vulnerability in com_tags."
}
],
"value": "Improperly validated order clauses lead to a SQL injection vulnerability in com_tags."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T07:30:10.304Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1039-20260507-core-authenticated-blind-sqli-in-com-tags.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-35222",
"datePublished": "2026-05-26T16:45:13.390Z",
"dateReserved": "2026-04-01T19:23:13.196Z",
"dateUpdated": "2026-06-05T07:30:10.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-40384 (GCVE-0-2026-40384)
Vulnerability from cvelistv5
Published
2026-05-26 16:45
Modified
2026-05-27 09:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory
Summary
An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-40384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T19:17:10.492296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T19:17:18.855Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Doyensec in collaboration with Claude and Anthropic Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability."
}
],
"value": "An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:14:15.239Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1042-20260510-core-path-traversal-in-com-media-webservice-endpoint.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260510] - Path traversal in com_media webservice endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-40384",
"datePublished": "2026-05-26T16:45:02.051Z",
"dateReserved": "2026-04-12T05:13:31.714Z",
"dateUpdated": "2026-05-27T09:14:15.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48905 (GCVE-0-2026-48905)
Vulnerability from cvelistv5
Published
2026-05-26 16:45
Modified
2026-05-27 09:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of input filtering leads to an XSS vector in the HTML filter code.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! Framework Filter package |
Version: 1.0.0-3.0.5 Version: 4.0.0-4.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48905",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:50:04.513114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:09:45.430Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! Framework Filter package",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "1.0.0-3.0.5"
},
{
"status": "affected",
"version": "4.0.0-4.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jesper den Boer"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of input filtering leads to an XSS vector in the HTML filter code."
}
],
"value": "Lack of input filtering leads to an XSS vector in the HTML filter code."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:14:13.346Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1052-20260520-framework-inadequate-content-filtering-within-the-cleanattributes-filter-code.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48905",
"datePublished": "2026-05-26T16:45:00.666Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:14:13.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48897 (GCVE-0-2026-48897)
Vulnerability from cvelistv5
Published
2026-05-26 16:44
Modified
2026-05-27 09:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
Insufficient state checks lead to a vector that allows to bypass 2FA checks.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T19:19:17.612461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T19:19:26.183Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Morris Baumgarten-Egemole"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insufficient state checks lead to a vector that allows to bypass 2FA checks."
}
],
"value": "Insufficient state checks lead to a vector that allows to bypass 2FA checks."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115: Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:14:05.696Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1044-20260512-core-mfa-authentication-bypass.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260512] - MFA Authentication Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48897",
"datePublished": "2026-05-26T16:44:53.779Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:14:05.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25901 (GCVE-0-2026-25901)
Vulnerability from cvelistv5
Published
2026-05-26 16:44
Modified
2026-05-27 09:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of output escaping leads to a XSS vector in the multilingual associations component.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:49:52.442848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T18:10:00.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "vnth4nhnt from CyStack"
},
{
"lang": "en",
"type": "finder",
"value": "Aisle Research, Pavel Kohout"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of output escaping leads to a XSS vector in the multilingual associations component."
}
],
"value": "Lack of output escaping leads to a XSS vector in the multilingual associations component."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:28:14.477Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1034-20260502-core-xss-in-com-associations.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260502] - XSS in com_associations",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-25901",
"datePublished": "2026-05-26T16:44:25.314Z",
"dateReserved": "2026-02-07T04:53:10.344Z",
"dateUpdated": "2026-05-27T09:28:14.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48899 (GCVE-0-2026-48899)
Vulnerability from cvelistv5
Published
2026-05-26 16:44
Modified
2026-05-27 09:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access check allows privilege escalation through the com_users batch task.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:50.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u5ed6\u53cc"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access check allows privilege escalation through the com_users batch task."
}
],
"value": "An improper access check allows privilege escalation through the com_users batch task."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:13:16.497Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1047-20260515-core-incorrect-access-control-in-sample-data-plugins.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48899",
"datePublished": "2026-05-26T16:44:06.616Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:13:16.497Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48900 (GCVE-0-2026-48900)
Vulnerability from cvelistv5
Published
2026-05-26 16:43
Modified
2026-05-27 09:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access check allowed low privileged users to edit the task types of existing scheduler tasks.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.1.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:39:11.873493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T17:39:19.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.1.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Federico Brasili, https://www.linkedin.com/in/federico-brasili-00b4b7332/"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access check allowed low privileged users to edit the task types of existing scheduler tasks."
}
],
"value": "An improper access check allowed low privileged users to edit the task types of existing scheduler tasks."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:12:59.814Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1048-20260516-core-incorrect-access-control-in-com-scheduler.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260516] - Incorrect Access Control in com_scheduler",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48900",
"datePublished": "2026-05-26T16:43:51.153Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:12:59.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48902 (GCVE-0-2026-48902)
Vulnerability from cvelistv5
Published
2026-05-26 16:43
Modified
2026-06-05 07:28
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 3.9.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-48902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T13:23:36.738591Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T11:58:08.395Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.9.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "@ZeroXJacks, https://github.com/ZeroXJacks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The password and username reset features created plain http links for https connections if the \"Force SSL\" flag wasn\u0027t explicitly set."
}
],
"value": "The password and username reset features created plain http links for https connections if the \"Force SSL\" flag wasn\u0027t explicitly set."
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T07:28:36.374Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1050-20260518-core-transport-encryption-downgrade-for-password-and-username-reset-links.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260518] - Transport encryption downgrade for password and username reset links",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48902",
"datePublished": "2026-05-26T16:43:32.835Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-06-05T07:28:36.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35223 (GCVE-0-2026-35223)
Vulnerability from cvelistv5
Published
2026-05-26 16:43
Modified
2026-05-27 09:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access check allows unauthorized access to com_config webservice endpoints.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:48.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rishi Shakya"
},
{
"lang": "en",
"type": "finder",
"value": "Qi Deng"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access check allows unauthorized access to com_config webservice endpoints."
}
],
"value": "An improper access check allows unauthorized access to com_config webservice endpoints."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:12:29.087Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1040-20260508-core-improper-access-check-in-com-config-webservice-endpoints.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-35223",
"datePublished": "2026-05-26T16:43:21.784Z",
"dateReserved": "2026-04-01T19:23:13.196Z",
"dateUpdated": "2026-05-27T09:12:29.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25900 (GCVE-0-2026-25900)
Vulnerability from cvelistv5
Published
2026-05-26 16:43
Modified
2026-05-27 09:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of output escaping leads to a XSS vector in the feed modules.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 3.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:27:08.169302Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T17:27:18.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mohamed Elabbas"
},
{
"lang": "en",
"type": "finder",
"value": "Sun Huang"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of output escaping leads to a XSS vector in the feed modules."
}
],
"value": "Lack of output escaping leads to a XSS vector in the feed modules."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:12:20.038Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1033-20260501-core-xss-in-feed-modules.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260501] - XSS in feed modules",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-25900",
"datePublished": "2026-05-26T16:43:13.780Z",
"dateReserved": "2026-02-07T04:53:10.343Z",
"dateUpdated": "2026-05-27T09:12:20.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48904 (GCVE-0-2026-48904)
Vulnerability from cvelistv5
Published
2026-05-26 16:43
Modified
2026-05-27 09:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access check allows privelege escalation through the com_users group editing webservice endpoint.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48904",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:46.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Christos Papakonstantinou, Cantina"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access check allows privelege escalation through the com_users group editing webservice endpoint."
}
],
"value": "An improper access check allows privelege escalation through the com_users group editing webservice endpoint."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:12:13.794Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1046-20260514-core-privilege-escalation-through-com-users-webservice-endpoints.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260514] - Privilege escalation through com_users webservice endpoints",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48904",
"datePublished": "2026-05-26T16:43:08.503Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:12:13.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-30895 (GCVE-0-2026-30895)
Vulnerability from cvelistv5
Published
2026-05-26 16:43
Modified
2026-05-27 09:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of output escaping leads to a XSS vector in the readmore links for com_content.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-30895",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T17:25:34.231206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T17:26:53.198Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "peterhulst"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of output escaping leads to a XSS vector in the readmore links for com_content."
}
],
"value": "Lack of output escaping leads to a XSS vector in the readmore links for com_content."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:12:08.924Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1036-20260504-core-xss-in-readmore-links"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260504] - XSS in readmore links",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-30895",
"datePublished": "2026-05-26T16:43:03.205Z",
"dateReserved": "2026-03-06T04:55:46.057Z",
"dateUpdated": "2026-05-27T09:12:08.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48898 (GCVE-0-2026-48898)
Vulnerability from cvelistv5
Published
2026-05-26 16:42
Modified
2026-05-27 09:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access check allows privilege escalation through the com_users batch task.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48898",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T03:55:45.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Christos Papakonstantinou, Cantina"
},
{
"lang": "en",
"type": "finder",
"value": "Adrian Junge, vulno"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access check allows privilege escalation through the com_users batch task."
}
],
"value": "An improper access check allows privilege escalation through the com_users batch task."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T09:12:03.902Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1045-20260513-core-privilege-escalation-through-com-users-batch-task.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260513] - Privilege escalation through com_users batch task",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48898",
"datePublished": "2026-05-26T16:42:59.328Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-05-27T09:12:03.902Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-30894 (GCVE-0-2026-30894)
Vulnerability from cvelistv5
Published
2026-05-26 16:42
Modified
2026-06-05 07:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of output escaping leads to a XSS vector in the content history component.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 3.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-30894",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T19:48:28.120888Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T14:36:39.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Phan Phan Hai Long"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of output escaping leads to a XSS vector in the content history component."
}
],
"value": "Lack of output escaping leads to a XSS vector in the content history component."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T07:28:01.850Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1035-20260503-core-xss-in-com-contenthistory"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260503] - XSS in com_contenthistory",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-30894",
"datePublished": "2026-05-26T16:42:58.268Z",
"dateReserved": "2026-03-06T04:55:46.056Z",
"dateUpdated": "2026-06-05T07:28:01.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-48901 (GCVE-0-2026-48901)
Vulnerability from cvelistv5
Published
2026-05-26 16:42
Modified
2026-06-05 07:27
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.5 Version: 6.0.0-6.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-48901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-28T13:18:22.218493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524 Use of Cache Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-28T13:20:50.537Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.5"
},
{
"status": "affected",
"version": "6.0.0-6.1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "@ZeroXJacks, https://github.com/ZeroXJacks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key."
}
],
"value": "The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key."
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T07:27:45.423Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1049-20260517-core-incorrect-cache-key-construction-for-inputfilter-objects.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objects",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-48901",
"datePublished": "2026-05-26T16:42:41.476Z",
"dateReserved": "2026-05-26T10:06:17.656Z",
"dateUpdated": "2026-06-05T07:27:45.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21630 (GCVE-0-2026-21630)
Vulnerability from cvelistv5
Published
2026-04-01 09:03
Modified
2026-04-01 19:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.3 Version: 6.0.0-6.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21630",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T12:40:10.198406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T12:40:42.222Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.3"
},
{
"status": "affected",
"version": "6.0.0-6.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Antonio Morales from GitHub Security Lab Taskflow Agent"
},
{
"lang": "en",
"type": "finder",
"value": "vnth4nhnt from CyStack"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint."
}
],
"value": "Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T19:33:26.760Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1028-20260302-core-sql-injection-in-com-content-articles-webservice-endpoint.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260302] - SQL injection in com_content articles webservice endpoint",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-21630",
"datePublished": "2026-04-01T09:03:49.098Z",
"dateReserved": "2026-01-01T04:42:27.960Z",
"dateUpdated": "2026-04-01T19:33:26.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23898 (GCVE-0-2026-23898)
Vulnerability from cvelistv5
Published
2026-04-01 09:03
Modified
2026-04-02 05:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-73 - Destructive File Deletion and Potential System Compromise
Summary
Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.3 Version: 6.0.0-6.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23898",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:03.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.3"
},
{
"status": "affected",
"version": "6.0.0-6.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Phil Taylor"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism."
}
],
"value": "Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73 Destructive File Deletion and Potential System Compromise",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T05:10:20.113Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1031-20260305-core-arbitrary-file-deletion-in-com-joomlaupdate.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-23898",
"datePublished": "2026-04-01T09:03:40.185Z",
"dateReserved": "2026-01-17T04:38:44.008Z",
"dateUpdated": "2026-04-02T05:10:20.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21629 (GCVE-0-2026-21629)
Vulnerability from cvelistv5
Published
2026-04-01 09:03
Modified
2026-04-01 19:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 3.0.0-5.4.3 Version: 6.0.0-6.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T12:44:04.901543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T12:44:22.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.0.0-5.4.3"
},
{
"status": "affected",
"version": "6.0.0-6.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joomla Security Strike Team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers."
}
],
"value": "The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-01T19:32:37.680Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1027-20260301-core-acl-hardening-in-com-ajax.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260301] - ACL hardening in com_ajax",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-21629",
"datePublished": "2026-04-01T09:03:37.772Z",
"dateReserved": "2026-01-01T04:42:27.960Z",
"dateUpdated": "2026-04-01T19:32:37.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-23899 (GCVE-0-2026-23899)
Vulnerability from cvelistv5
Published
2026-04-01 09:03
Modified
2026-04-02 07:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-284 - Improper Access Control
Summary
An improper access check allows unauthorized access to webservice endpoints.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.3 Version: 6.0.0-6.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-23899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:04.167Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.3"
},
{
"status": "affected",
"version": "6.0.0-6.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "vnth4nhnt from CyStack"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper access check allows unauthorized access to webservice endpoints."
}
],
"value": "An improper access check allows unauthorized access to webservice endpoints."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T07:56:08.444Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1032-20260306-core-improper-access-check-in-webservice-endpoints.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260306] - Improper access check in webservice endpoints",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-23899",
"datePublished": "2026-04-01T09:03:18.563Z",
"dateReserved": "2026-01-17T04:38:44.009Z",
"dateUpdated": "2026-04-02T07:56:08.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21631 (GCVE-0-2026-21631)
Vulnerability from cvelistv5
Published
2026-04-01 09:03
Modified
2026-04-02 05:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of output escaping leads to a XSS vector in the multilingual associations component.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.3 Version: 6.0.0-6.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21631",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:05.276Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.3"
},
{
"status": "affected",
"version": "6.0.0-6.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Shirsendu Mondal \u0026 Md Tanzimul Alam Fahim, UNC Pembroke"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of output escaping leads to a XSS vector in the multilingual associations component."
}
],
"value": "Lack of output escaping leads to a XSS vector in the multilingual associations component."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T05:09:59.076Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1029-20260303-core-xss-vector-in-com-associations-comparison-view.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/Shirshaw64p/security-advisories/tree/main/CVE-2026-21631"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260303] - XSS vector in com_associations comparison view",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-21631",
"datePublished": "2026-04-01T09:03:17.208Z",
"dateReserved": "2026-01-01T04:42:27.960Z",
"dateUpdated": "2026-04-02T05:09:59.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21632 (GCVE-0-2026-21632)
Vulnerability from cvelistv5
Published
2026-04-01 09:03
Modified
2026-04-02 05:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of output escaping for article titles leads to XSS vectors in various locations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.3 Version: 6.0.0-6.0.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-01T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T03:56:06.392Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.3"
},
{
"status": "affected",
"version": "6.0.0-6.0.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "peterhulst"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of output escaping for article titles leads to XSS vectors in various locations."
}
],
"value": "Lack of output escaping for article titles leads to XSS vectors in various locations."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T05:09:54.642Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1030-20260304-core-xss-vectors-in-various-article-title-outputs.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260304] - XSS vectors in various article title outputs",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2026-21632",
"datePublished": "2026-04-01T09:03:11.213Z",
"dateReserved": "2026-01-01T04:42:27.961Z",
"dateUpdated": "2026-04-02T05:09:54.642Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-63082 (GCVE-0-2025-63082)
Vulnerability from cvelistv5
Published
2026-01-06 16:01
Modified
2026-01-06 17:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-5.4.1 Version: 6.0.0-6.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-63082",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T17:45:07.619680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T17:45:21.282Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-5.4.1"
},
{
"status": "affected",
"version": "6.0.0-6.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Sho Sugiyama of SUZUKI MOTOR CORPORATION"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags."
}
],
"value": "Lack of input filtering leads to an XSS vector in the HTML filter code related to data URLs in img tags."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T16:01:38.720Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1016-20260101-core-inadequate-content-filtering-for-data-urls.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260101] - Inadequate content filtering for data URLs",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2025-63082",
"datePublished": "2026-01-06T16:01:38.720Z",
"dateReserved": "2025-10-26T04:33:45.334Z",
"dateUpdated": "2026-01-06T17:45:21.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-63083 (GCVE-0-2025-63083)
Vulnerability from cvelistv5
Published
2026-01-06 16:01
Modified
2026-01-06 18:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Lack of output escaping leads to a XSS vector in the pagebreak plugin.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 3.9.0-5.4.1 Version: 6.0.0-6.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-63083",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-06T18:49:28.603543Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T18:56:00.865Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.9.0-5.4.1"
},
{
"status": "affected",
"version": "6.0.0-6.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "peterhulst"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lack of output escaping leads to a XSS vector in the pagebreak plugin."
}
],
"value": "Lack of output escaping leads to a XSS vector in the pagebreak plugin."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-06T16:01:15.123Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1017-20260102-core-xss-vector-in-the-pagebreak-plugin.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20260102] - XSS vector in the pagebreak plugin",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2025-63083",
"datePublished": "2026-01-06T16:01:15.123Z",
"dateReserved": "2025-10-26T04:33:45.335Z",
"dateUpdated": "2026-01-06T18:56:00.865Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54477 (GCVE-0-2025-54477)
Vulnerability from cvelistv5
Published
2025-09-30 16:02
Modified
2025-10-01 04:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-203 - Observable Discrepancy
Summary
Improper handling of authentication requests lead to a user enumeration vector in the passkey authentication method.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 4.0.0-4.4.13 Version: 5.0.0-5.3.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-54477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T17:43:46.747977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T17:43:49.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "4.0.0-4.4.13"
},
{
"status": "affected",
"version": "5.0.0-5.3.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marco Schubert"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper handling of authentication requests lead to a user enumeration vector in the passkey authentication method."
}
],
"value": "Improper handling of authentication requests lead to a user enumeration vector in the passkey authentication method."
}
],
"impacts": [
{
"capecId": "CAPEC-575",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-575 Account Footprinting"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T04:34:47.521Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1011-20250902-core-user-enumeration-in-passkey-authentication-method.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20250902] User-Enumeration in passkey authentication method",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2025-54477",
"datePublished": "2025-09-30T16:02:40.036Z",
"dateReserved": "2025-07-23T11:16:48.711Z",
"dateUpdated": "2025-10-01T04:34:47.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54476 (GCVE-0-2025-54476)
Vulnerability from cvelistv5
Published
2025-09-30 16:02
Modified
2025-10-01 04:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Improper handling of input could lead to an XSS vector in the checkAttribute method of the input filter framework class.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Joomla! Project | Joomla! CMS |
Version: 3.0.0-3.10.20 Version: 4.0.0-4.4.13 Version: 5.0.0-5.3.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54476",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-30T17:11:51.164339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T17:12:24.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Joomla! CMS",
"vendor": "Joomla! Project",
"versions": [
{
"status": "affected",
"version": "3.0.0-3.10.20"
},
{
"status": "affected",
"version": "4.0.0-4.4.13"
},
{
"status": "affected",
"version": "5.0.0-5.3.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Flydragon, Poi, Cwy, Xtrimi"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper handling of input could lead to an XSS vector in the checkAttribute method of the input filter framework class."
}
],
"value": "Improper handling of input could lead to an XSS vector in the checkAttribute method of the input filter framework class."
}
],
"impacts": [
{
"capecId": "CAPEC-18",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-18 XSS Targeting Non-Script Elements"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T04:34:46.488Z",
"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"shortName": "Joomla"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://developer.joomla.org/security-centre/1010-20250901-core-inadequate-content-filtering-within-the-checkattribute-filter-code.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Joomla! Core - [20250901] Inadequate content filtering within the checkAttribute filter code",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586",
"assignerShortName": "Joomla",
"cveId": "CVE-2025-54476",
"datePublished": "2025-09-30T16:02:38.757Z",
"dateReserved": "2025-07-23T11:16:48.711Z",
"dateUpdated": "2025-10-01T04:34:46.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}