User Enumeration in Joomla Events Booking Extension
CVE-2026-58149
Currently unrated
What is CVE-2026-58149?
The Joomla Events Booking extension is susceptible to a vulnerability that enables unauthenticated users to enumerate accounts, allowing the retrieval of usernames and associated email addresses. This flaw poses significant risks to user privacy and can facilitate targeted attacks, as malicious entities may exploit this information for further infiltration into systems. Website administrators using this extension should be aware of this vulnerability and take necessary actions to mitigate the associated risks.
Affected Version(s)
Events Booking extension for Joomla 1.0-5.8.0
