Vulnerabilities in Joomla! Project
102 resultsCVE-2024-27186MEDIUM[20240803] - Core - XSS in HTML Mail TemplatesEPSS 0.3%CVE-2024-40743MEDIUM[20240805] - Core - XSS vectors in Outputfilter::strip* methodsEPSS 0.3%CVE-2026-21629MEDIUMJoomla! Core - [20260301] - ACL hardening in com_ajaxEPSS 0.2%CVE-2026-48901HIGHJoomla! Core - [20260517] - Incorrect Cache Key Construction for InputFilter objectsEPSS 0.2%CVE-2024-40747MEDIUM[20250101] - Core - XSS vectors in module chromesEPSS 0.2%CVE-2024-27184MEDIUM[20240801] - Core - Inadequate validation of internal URLsEPSS 0.2%CVE-2026-48899MEDIUMJoomla! Core - [20260515] - Incorrect Access Control in sample data pluginsEPSS 0.2%CVE-2023-23750MEDIUM[20230101] - Core - CSRF within post-installation messagesEPSS 0.2%CVE-2026-21631MEDIUMJoomla! Core - [20260303] - XSS vector in com_associations comparison viewEPSS 0.2%CVE-2026-48897HIGHJoomla! Core - [20260512] - MFA Authentication BypassEPSS 0.2%CVE-2026-21632MEDIUMJoomla! Core - [20260304] - XSS vectors in various article title outputsEPSS 0.2%CVE-2026-48902CRITICALJoomla! Core - [20260518] - Transport encryption downgrade for password and username reset linksEPSS 0.2%CVE-2026-30895MEDIUMJoomla! Core - [20260504] - XSS in readmore linksEPSS 0.2%CVE-2026-25900MEDIUMJoomla! Core - [20260501] - XSS in feed modulesEPSS 0.2%CVE-2025-63083MEDIUMJoomla! Core - [20260102] - XSS vector in the pagebreak pluginEPSS 0.2%CVE-2026-30894MEDIUMJoomla! Core - [20260503] - XSS in com_contenthistoryEPSS 0.2%CVE-2025-63082MEDIUMJoomla! Core - [20260101] - Inadequate content filtering for data URLsEPSS 0.2%CVE-2026-25901MEDIUMJoomla! Core - [20260502] - XSS in com_associationsEPSS 0.2%CVE-2026-48900MEDIUMJoomla! Core - [20260516] - Incorrect Access Control in com_schedulerEPSS 0.2%CVE-2026-48903MEDIUMJoomla! Framework - [20260519] - Inadequate content filtering within the checkAttribute filter code.EPSS 0.1%