XSS Vulnerability in Joomla's Installer Component
CVE-2026-48952
5.9MEDIUM
What is CVE-2026-48952?
An identified vulnerability in Joomla's com_installer component stems from insufficient escaping, enabling potential attackers to execute malicious scripts in the update list view. This flaw poses significant risks for Joomla websites, making them susceptible to XSS attacks, which may lead to unauthorized access and data compromise.
Affected Version(s)
Joomla! CMS 4.0.0-5.4.6
Joomla! CMS 6.0.0-6.1.1