CVE 9.4 CRITICAL

Extension – stackideas.com – Persistent XSS in EasyDiscuss component 1.0.0-5.0.15 for Joomla_CVE-2026-21624

January 16, 2026 invoker category_cve

9.4 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Lack of input filterung leads to a persistent XSS vulnerability in the user avatar text handling of the Easy Discuss component for Joomla.

AI Analysis

Persistent XSS vulnerability in EasyDiscuss component for Joomla due to lack of input filtering in user avatar text handling

Basic Information

ID CVE-2026-21624

Source Joomla

Published Jan 16, 2026 at 15:05

Affected Product

Vendor Stackideas.com

Product EasyDiscuss extension for Joomla

Version 1.0.0-5.0.15

Affected Versions Stackideas.com EasyDiscuss extension for Joomla 1.0.0-5.0.15

CWE Classification

CWE-79

AI Assessment

AI Score 9.4 / 10

AI Severity Critical

Vendor Stackideas.com

Product EasyDiscuss extension for Joomla

Version 1.0.0-5.0.15

References

stackideas.com /easydiscuss

{
    "lastseen": "",
    "description": "Lack of input filterung leads to a persistent XSS vulnerability in the user avatar text handling of the Easy Discuss component for Joomla.",
    "published": "2026-01-16T15:05:37.172Z",
    "modified": "2026-01-16T15:05:37.172Z",
    "type": "cve",
    "title": "Extension - stackideas.com - Persistent XSS in EasyDiscuss component 1.0.0-5.0.15 for Joomla",
    "source": "Joomla",
    "references": "https://stackideas.com/easydiscuss",
    "id": "CVE-2026-21624",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "Stackideas.com EasyDiscuss extension for Joomla 1.0.0-5.0.15",
    "sourceHref": "",
    "cvss": {
        "score": 9.4,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EasyDiscuss extension for Joomla",
    "version": "1.0.0-5.0.15",
    "vendor": "Stackideas.com",
    "ai_description": "Persistent XSS vulnerability in EasyDiscuss component for Joomla due to lack of input filtering in user avatar text handling",
    "ai_severity": "Critical",
    "ai_vendor": "Stackideas.com",
    "ai_product": "EasyDiscuss extension for Joomla",
    "ai_version": "1.0.0-5.0.15",
    "ai_score": 9.4
}

💭 Join the Security Discussion ❌ Cancel Reply