CVE-2026-48903 MEDIUM

CVE-2026-48903: Joomla! Framework - [20260519] - Inadequate content filtering within the checkAttribute filter code.

Vendor Joomla! Project

Product Joomla! Framework Filter package

Weakness CWE-79 · XSS

Published May 26, 2026

Last update May 27, 2026

CVSS base score

6.9/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

Description

Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components.

Key dates

May 26, 2026 CVE published

May 27, 2026 Record updated

CVE CVE-2026-48903

CWE CWE-79

CVSS 6.9 / MEDIUM

Vendor Joomla! Project

Product Joomla! Framework Filter package

Affected 1.0.0-3.0.5

Vendor Joomla! Project

Product Joomla! Framework Filter package

Affected 4.0.0-4.0.1