7 matches found
CVE-2026-48952
CVE-2026-48952 affects Joomla core, specifically the com_installer update list view. Root cause is lack of escaping, resulting in an XSS vulnerability. CVSS 4.0 base score 8.4 ( HIGH ) with network attack vector, low attack complexity, high impact to confidentiality and integrity, and low impact ...
CVE-2026-48952 Joomla! Core - [20260706] - XSS in com_installer
Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...
EUVD-2026-42070
Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...
[20260706] - Core - XSS in com_installer
Lack of escaping leads to an XSS vulnerability in the update list view of cominstaller...
Joomla! 代码问题漏洞
Joomla! is a set of forum components used in the Joomla! content management system. A code issue vulnerability exists in Joomla! 2.5.0 - 3.9.27. The vulnerability stems from a hard-coded ACL check for superuser missing from the install operation in cominstaller, which can be exploited to execute...
PT-2021-16931 · Joomla · Joomla!
Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.27 Description: An issue was discovered in the install action of com installer, where it lacks the required hardcoded ACL checks for superusers. However, a default system is not affected because the default...
Cross-Site Request Forgery Vulnerability in Joomla!
Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. A cross-site request forgery vulnerability exists in cominstaller in Joomla! versions 2.5.0 through 3.8.12. A remote attacker can exploit this...