CVE-2025-50058 is a stored Cross-Site Scripting (XSS) vulnerability identified in the RSDirectory! component versions 1.0.0 through 2.2.8 for the Joomla content management system. This vulnerability arises due to improper neutralization of input during web page generation, specifically within the review reply functionality of the component. An authenticated attacker with high privileges can inject arbitrary HTML or JavaScript code that is persistently stored and later executed in the context of users viewing the affected pages. The vulnerability is classified under CWE-79, which pertains to improper sanitization or encoding of user-supplied input leading to script injection. The CVSS v4.0 base score is 5.1 (medium severity), reflecting that the attack vector is network-based, requires no user interaction, but does require high-level privileges (authenticated attacker with elevated rights). The impact on confidentiality and integrity is low to limited, as the vulnerability does not directly allow data exfiltration or modification of core system files, but it can be leveraged for session hijacking, privilege escalation, or delivering further attacks such as phishing or malware distribution. Availability impact is none. No known exploits are currently reported in the wild, and no patches are linked yet, indicating that mitigation may require vendor updates or manual intervention. The vulnerability affects a widely used Joomla extension, which is popular among organizations using Joomla for directory or listing services, making it a relevant threat vector for websites relying on this component.

For European organizations, the impact of CVE-2025-50058 can be significant in sectors relying on Joomla-based websites with the RSDirectory! component installed, such as small and medium enterprises, educational institutions, and local government portals. Exploitation could lead to session hijacking of administrators or users, unauthorized actions performed on behalf of legitimate users, and potential defacement or injection of malicious content that damages organizational reputation. Since the vulnerability requires authenticated access with high privileges, the risk is elevated if internal users or compromised accounts exist. Attackers could leverage this vulnerability to bypass access controls or implant persistent malicious scripts that affect visitors, potentially leading to data leakage or further compromise. The medium severity score reflects a moderate risk, but the persistent nature of stored XSS means that even a single successful injection can have prolonged effects. Given the GDPR environment in Europe, any compromise leading to personal data exposure could result in regulatory penalties and loss of customer trust.

To mitigate CVE-2025-50058, European organizations should: 1) Immediately audit Joomla installations to identify the presence and version of the RSDirectory! component. 2) Restrict administrative and review reply privileges to trusted users only, minimizing the number of accounts with high-level access. 3) Implement strict input validation and output encoding on all user-generated content, especially within the review reply feature, to neutralize malicious scripts. 4) Monitor logs for unusual activity related to review replies or administrative actions. 5) Employ Web Application Firewalls (WAFs) with custom rules to detect and block common XSS payloads targeting this component. 6) Engage with the vendor or Joomla community to obtain patches or updates as soon as they become available and apply them promptly. 7) Educate administrators and users about phishing and social engineering risks that could lead to credential compromise, which is a prerequisite for exploitation. 8) Consider isolating or disabling the review reply feature temporarily if patching is delayed and the feature is not critical.