XSS Vulnerability in Joomla MFA Management Views
CVE-2026-48949
5.9MEDIUM
What is CVE-2026-48949?
A vulnerability exists in the MFA management views of Joomla that allows an attacker to exploit a lack of proper input validation. This XSS flaw could enable unauthorized users to execute scripts in the context of another user's session, posing a security risk. It’s essential for Joomla users to take immediate action to safeguard their applications by applying the latest updates and employing best practices in web security.
Affected Version(s)
Joomla! CMS 4.2.0-5.4.6
Joomla! CMS 6.0.0-6.1.1