CVE-2025-49486

Vulnerability Description

A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.

Related Weaknesses (CWE)

CWE-79

References

https://extensions.joomla.org/extension/gallery/

FAQ

What is CVE-2025-49486?

CVE-2025-49486 is a documented vulnerability. A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.

How severe is CVE-2025-49486?

CVSS scoring is not yet available for CVE-2025-49486. Check NVD for updates.

Is there a patch for CVE-2025-49486?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.