CVE-2024-26278

CVE-2024-26278: [20240705] - Core - XSS in com_fields default field value

Vendor Joomla! Project
Product Joomla! CMS
Weakness CWE-79 · XSS
Published July 9, 2024
Last update March 14, 2025

CVSS base score

What the vulnerability does

01Description

The Custom Fields component not correctly filter inputs, leading to a XSS vector.

Key dates

02Disclosure timeline

July 9, 2024 CVE published
March 14, 2025 Record updated