Stored XSS Vulnerability in RSTickets! for Joomla by RSJoomla
CVE-2025-32465

8.5HIGH

Key Information:

Vendor: Rsjoomla.com
Status: Rstickets! Component For Joomla
Vendor: CVE Published:; 11 June 2025

🔔 Create Rsjoomla.com Vulnerability Alert

What is CVE-2025-32465?

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the RSTickets! component versions 1.9.12 to 3.3.0 for Joomla. This vulnerability enables attackers to inject malicious scripts by sending specially crafted payloads, which can potentially be executed when the affected application processes or displays data to other users. This security flaw emphasizes the need for website operators to implement security best practices and to keep their Joomla components updated to mitigate potential exploitation.

Affected Version(s)

RSTickets! component for Joomla 1.9.12-3.3.0

References

https://rsjoomla.com/

product

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
Apr 9, 2025

Credit

Kamil Szczurowski

Robert Kruczek