CVE-2025-49486 Information

Description

A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.

Reference

https://extensions.joomla.org/extension/gallery/

Related CNNVD

CNNVD-202507-2431 (Published: 2025-07-18)