wid-sec-w-2026-0936
·
Published 2026-03-31
·
View on BSI CERT-Bund ↗
Joomla CMS: Multiple Vulnerabilities
CVSS 8.6
HIGH
Risk Summary
Lack of output escaping leads to a XSS vector in the multilingual associations component.
Affected Vendors
Open Source
Affected Products (4)
Open Source
·
Joomla
CMS <5.4.4
Open Source
·
Joomla
CMS 5.4.4
Open Source
·
Joomla
CMS <6.0.4
Open Source
·
Joomla
CMS 6.0.4
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more