CVE-2025-50056 MEDIUM

CVE-2025-50056: Extension - rsjoomla.com - Reflected XSS vulnerability RSMail! component 1.19.20-1.22.28 for Joomla

Vendor Rsjoomla.com

Product RSMail! component for Joomla

Weakness CWE-79 · XSS

Published July 18, 2025

Last update July 20, 2025

View on NVD All CVEs

CVSS base score

5.1/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

Description

A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 28 Joomla was discovered. The issue allows remote attackers to inject arbitrary web script or HTML via the crafted parameter.

Key dates

Disclosure timeline

July 18, 2025 CVE published

July 20, 2025 Record updated

Identifiers

CVE CVE-2025-50056

CWE CWE-79

CVSS 5.1 / MEDIUM

Affected versions

Vendor Rsjoomla.com

Product RSMail! component for Joomla

Affected 1.19.20-1.22.28