CVE-2025-50058 MEDIUM

CVE-2025-50058: Extension - rsjoomla.com - Stored XSS vulnerability in RSDirectory! component 1.16.3-1.17.7 for Joomla

Vendor Rsjoomla.com

Product RSDirectory! component for Joomla

Weakness CWE-79 · XSS

Published July 18, 2025

Last update July 20, 2025

View on NVD All CVEs

CVSS base score

5.1/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

Description

A stored XSS vulnerability in the RSDirectory! component 1.0.0-2.2.8 Joomla was discovered. The issue allows remote authenticated attackers to inject arbitrary web script or HTML via the review reply component.

Key dates

Disclosure timeline

July 18, 2025 CVE published

July 20, 2025 Record updated

Identifiers

CVE CVE-2025-50058

CWE CWE-79

CVSS 5.1 / MEDIUM

Affected versions

Vendor Rsjoomla.com

Product RSDirectory! component for Joomla

Affected 1.0.0-2.2.8