Extension – stackideas.com – Lack of mime type validation in...

4.8 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L

Description

User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.

Basic Information

ID CVE-2026-21625

Source Joomla

Published Jan 16, 2026 at 15:06

Affected Product

Vendor Stackideas.com

Product EasyDiscuss extension for Joomla

Version 1.0.0-5.0.15

Affected Versions Stackideas.com EasyDiscuss extension for Joomla 1.0.0-5.0.15

CWE Classification

CWE-434

References

stackideas.com /easydiscuss

{
    "lastseen": "",
    "description": "User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening.",
    "published": "2026-01-16T15:06:15.596Z",
    "modified": "2026-01-16T15:06:15.596Z",
    "type": "cve",
    "title": "Extension - stackideas.com - Lack of mime type validation in EasyDiscuss component 1.0.0-5.0.15 for Joomla",
    "source": "Joomla",
    "references": "https://stackideas.com/easydiscuss",
    "id": "CVE-2026-21625",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "Stackideas.com EasyDiscuss extension for Joomla 1.0.0-5.0.15",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EasyDiscuss extension for Joomla",
    "version": "1.0.0-5.0.15",
    "vendor": "Stackideas.com",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Extension – stackideas.com – Lack of mime type validation in EasyDiscuss component 1.0.0-5.0.15 for Joomla_CVE-2026-21625