Vulnerabilities
Vulnerable Software
Joomla:  >> Joomla!  >> 4.2.9  Security Vulnerabilities
The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set.
CVSS Score
9.8
EPSS Score
0.002
Published
2026-05-26
An improper validation of user-supplied input leads to a local file inclusion vulnerability.
CVSS Score
7.5
EPSS Score
0.005
Published
2026-05-26
An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability.
CVSS Score
5.9
EPSS Score
0.004
Published
2026-05-26
An improper access check allows unauthorized access to com_config webservice endpoints.
CVSS Score
8.6
EPSS Score
0.003
Published
2026-05-26
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for com_finder.
CVSS Score
6.9
EPSS Score
0.003
Published
2026-05-26
Improperly validated order clauses lead to a SQL injection vulnerability in com_tags.
CVSS Score
6.9
EPSS Score
0.003
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the readmore links for com_content.
CVSS Score
6.9
EPSS Score
0.002
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the feed modules.
CVSS Score
6.9
EPSS Score
0.002
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the multilingual associations component.
CVSS Score
6.9
EPSS Score
0.002
Published
2026-05-26
Lack of output escaping leads to a XSS vector in the content history component.
CVSS Score
6.9
EPSS Score
0.002
Published
2026-05-26


Contact Us

Shodan ® - All rights reserved