2 matches found
PT-2026-53282
Name of the Vulnerable Software and Affected Versions Helix3 plugin for Joomla affected versions not specified Description An ajax handler task allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files, and update template parameters. Recommendations At the moment,...
CVE-2026-21627
The vulnerability was rooted in how the Tassos Framework plugin handled specific AJAX requests through Joomla’s comajax entry point. Under certain conditions, internal framework functionality could be invoked without proper restriction...