Medium severity4.3NVD Advisory· Published May 17, 2026· Updated May 18, 2026
CVE-2018-25337
CVE-2018-25337
Description
Joomla JoomOCShop 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML forms targeting account endpoints like /joomoc2/?route=account/edit and to modify user information or reset passwords without user consent.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =1.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.