BIT-JOOMLA-2026-25901 Joomla! Core - [20260502] - XSS in com_associations

Lack of output escaping leads to a XSS vector in the multilingual associations component...

CVE-2026-25901

CVE-2026-25901 affects Joomla! Core — specifically the multilingual associations component. The root cause is a lack of output escaping in com_associations, which creates a reflected/XSS vector when user-supplied content is rendered. Documented impact indicates potential for script execution that...

BIT-JOOMLA-2026-21631 Joomla! Core - [20260303] - XSS vector in com_associations comparison view

Lack of output escaping leads to a XSS vector in the multilingual associations component...

CVE-2026-21631

CVE-2026-21631 affects Joomla! Core, specifically the multilingual component com_associations comparison view. Root cause: lack of output escaping enabling a cross-site scripting (XSS) vector. Connected advisories confirm the vulnerability exposure in the core UI component and indicate a remediat...

[20260303] - Core - XSS vector in com_associations comparison view

Lack of output escaping leads to a XSS vector in the multilingual associations component...