Security Advisory

CVE-2025-27754

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-05 13:20:52

Last updated 2025-06-08 04:39:04

Assigner Joomla

State PUBLISHED

Description

A stored XSS vulnerability in RSBlog! component 1.11.6 - 1.14.4 for Joomla was discovered. The vulnerability allows authenticated users to inject malicious JavaScript into the plugins resource. The injected payload is stored by the application and later executed when other users view the affected content.

← Browse all CVEs View on cve.org ↗