Cross-Site Scripting Vulnerability in Joomla! File Management
CVE-2026-48950
5.9MEDIUM
What is CVE-2026-48950?
An XSS vulnerability exists in the file management view of the com_templates component in Joomla!. This weakness arises due to insufficient escaping of user-supplied input. Attackers could exploit this flaw to inject malicious scripts, which could execute in the context of the affected user's browser, leading to unauthorized actions and potential data theft.
Affected Version(s)
Joomla! CMS 4.0.0-5.4.6
Joomla! CMS 6.0.0-6.1.1