Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-50126: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in rsjoomla.com RSBlog! component for Joomla

Medium
VulnerabilityCVE-2025-50126cvecve-2025-50126cwe-79
Published: Fri Jul 18 2025 (07/18/2025, 09:51:40 UTC)
Source: CVE Database V5
Vendor/Project: rsjoomla.com
Product: RSBlog! component for Joomla

Description

A stored XSS vulnerability in the RSBlog! component 1.11.6-1.14.5 Joomla was discovered. The issue allows remote authenticated users to inject arbitrary web script or HTML via the jform[tags_text] parameter.

Technical Details

Data Version
5.1
Assigner Short Name
Joomla
Date Reserved
2025-06-12T15:19:24.363Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 687a1b67a83201eaacf1f473

Added to database: 7/18/2025, 10:01:11 AM

Last updated: 7/18/2025, 10:01:11 AM

Views: 1

Related Threats

CVE-2025-50058: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in rsjoomla.com RSDirectory! component for Joomla

Medium
VulnerabilityFri Jul 18 2025

CVE-2025-50057: CWE-400 Uncontrolled Resource Consumption in rsjoomla.com RSFiles! component for Joomla

Medium
VulnerabilityFri Jul 18 2025

CVE-2025-50056: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in rsjoomla.com RSMail! component for Joomla

Medium
VulnerabilityFri Jul 18 2025

CVE-2025-49486: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in balbooa.com Balbooa Gallery component for Joomla

High
VulnerabilityFri Jul 18 2025

CVE-2025-49485: CWE-89: Improper Neutralization of Special Elements used in an SQL Command in balbooa.com Balbooa Forms component for Joomla

High
VulnerabilityFri Jul 18 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats