Joomla: >> Joomla! Security Vulnerabilities
An improper validation of user-supplied input leads to a local file inclusion vulnerability.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-05-26
An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-05-26
An improper access check allows unauthorized access to com_config webservice endpoints.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-05-26
Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of com_users.
CVSS Score
4.6
EPSS Score
0.0
Published
2026-05-26
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-26
Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the readmore links for com_content.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the feed modules.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the multilingual associations component.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the content history component.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-26