CVE-2026-48905 - Vulnerability Details - OpenCVE

Lack of input filtering leads to an XSS vector in the HTML filter code.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Joomla	Joomla\!

Configuration 1 [-]

OR	cpe:2.3:a:joomla:joomla\!::::::::
	cpe:2.3:a:joomla:joomla\!::::::::

No data.

References

Link	Providers
https://developer.joomla.org/security-centre/1052-20260520-framework-inadequate-content-filtering-within-the-cleanattributes-filter-code.html

History

Tue, 26 May 2026 21:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Joomla Joomla joomla\!
CPEs		cpe:2.3:a:joomla:joomla\!::::::::
Vendors & Products		Joomla Joomla joomla\!
Metrics		cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}`

Tue, 26 May 2026 17:00:00 +0000

Type	Values Removed	Values Added
Description		Lack of input filtering leads to an XSS vector in the HTML filter code.
Title		Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.
Weaknesses		CWE-79
References		https://developer.joomla.org/security-centre/1052-20260520-framework-inadequate-content-filtering-within-the-cleanattributes-filter-code.html
Metrics		cvssV4_0 `{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: Joomla

Published: 2026-05-26T16:45:00.666Z

Updated: 2026-05-26T18:09:45.430Z

Reserved: 2026-05-26T10:06:17.656Z

Link: CVE-2026-48905

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2026-05-26T17:16:55.323

Modified: 2026-05-26T20:51:16.700

Link: CVE-2026-48905

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-48905", "assignerOrgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "state": "PUBLISHED", "assignerShortName": "Joomla", "dateReserved": "2026-05-26T10:06:17.656Z", "datePublished": "2026-05-26T16:45:00.666Z", "dateUpdated": "2026-05-26T18:09:45.430Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Joomla! Framework Filter package", "vendor": "Joomla! Project", "versions": [{"status": "affected", "version": "1.0.0-3.0.5"}, {"status": "affected", "version": "4.0.0-4.0.1"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jesper Nl"}], "impacts": [{"capecId": "CAPEC-18", "descriptions": [{"lang": "en", "value": "CAPEC-18 XSS Targeting Non-Script Elements"}]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Lack of input filtering leads to an XSS vector in the HTML filter code."}], "value": "Lack of input filtering leads to an XSS vector in the HTML filter code."}], "providerMetadata": {"orgId": "6ff30186-7fb7-4ad9-be33-533e7b05e586", "shortName": "Joomla", "dateUpdated": "2026-05-26T16:45:00.666Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://developer.joomla.org/security-centre/1052-20260520-framework-inadequate-content-filtering-within-the-cleanattributes-filter-code.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-26T17:50:04.513114Z", "id": "CVE-2026-48905", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-26T18:09:45.430Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", "matchCriteriaId": "E56B6527-7D92-44BC-B7DD-69453A9B8617", "versionEndExcluding": "5.4.6", "versionStartIncluding": "3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CE63205-A5A2-4057-B2CA-13F69CA2E6F0", "versionEndExcluding": "6.1.0", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Lack of input filtering leads to an XSS vector in the HTML filter code."}], "id": "CVE-2026-48905", "lastModified": "2026-05-26T20:51:16.700", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2026-05-26T17:16:55.323", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://developer.joomla.org/security-centre/1052-20260520-framework-inadequate-content-filtering-within-the-cleanattributes-filter-code.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "[email protected]", "type": "Primary"}]}