CVE-2025-54295 MEDIUM

CVE-2025-54295: Extension - dj-extensions.com - Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla

Vendor Dj-Extensions.com

Product DJ-Reviews component for Joomla

Weakness CWE-79 · XSS

Published July 23, 2025

Last update July 24, 2025

CVSS base score

5.1/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

Description

A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was discovered.

Key dates

July 23, 2025 CVE published

July 24, 2025 Record updated

CVE CVE-2025-54295

CWE CWE-79

CVSS 5.1 / MEDIUM

Vendor Dj-Extensions.com

Product DJ-Reviews component for Joomla

Affected 1.0-1.3.6