CVE 9.4 CRITICAL

Extension – firecoders.com – Stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla_CVE-2025-54298

August 14, 2025 invoker category_cve
9.4 / 10
CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H

Description

A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 for Joomla was discovered.

Basic Information

ID CVE-2025-54298
Source Joomla
Published Jul 28, 2025 at 17:29
Modified Jul 31, 2025 at 16:18

Affected Product

Vendor firecoders.com
Product CommentBox component for Joomla
Version 1.0.0-1.1.0
Affected Versions firecoders.com CommentBox component for Joomla 1.0.0-1.1.0

CWE Classification

CWE-79

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.