216.73.217.64

CVE-2025-50126

· Published 18/07/2025 10:15 · Modified 18/07/2025 10:15

Labels: CVE-2025-50126 2025-07-18CVE-2025-50126CWE-79[email protected]

Essential information

Published
18/07/2025 10:15
Modified
18/07/2025 10:15
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A stored XSS vulnerability in the RSBlog! component 1.11.6-1.14.5 Joomla was discovered. The issue allows remote authenticated users to inject arbitrary web script or HTML via the jform[tags_text] parameter.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
joomla / rsblog cpe:2.3:a:joomla:rsblog:1.11.6-1.14.5:*:*:*:*:*:*:*

References