A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://extensions.joomla.org/extension/gallery/ |
Configurations
No configuration.
History
18 Jul 2025, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-07-18 10:15
Updated : 2025-07-18 10:15
NVD link : CVE-2025-49486
Mitre link : CVE-2025-49486
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')