Stackideas: >> Easydiscuss Security Vulnerabilities
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-01-16
Lack of input filterung leads to a persistent XSS vulnerability in the forum post handling of the Easy Discuss component for Joomla.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-01-16
Lack of input filterung leads to a persistent XSS vulnerability in the user avatar text handling of the Easy Discuss component for Joomla.
CVSS Score
5.4
EPSS Score
0.0
Published
2026-01-16
SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote attacker to obtain sensitive information via a crafted request to the search parameter in the Users module.
CVSS Score
7.5
EPSS Score
0.062
Published
2024-01-16
The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-01-08