Medium severity4.8NVD Advisory· Published Jun 4, 2025· Updated Jun 17, 2026
CVE-2025-27444
CVE-2025-27444
Description
A reflected XSS vulnerability in RSform!Pro component 3.0.0 - 3.3.13 for Joomla was discovered. The issue arises from the improper handling of the filter[dateFrom] GET parameter, which is reflected unescaped in the administrative backend interface. This allows an authenticated attacker with admin or editor privileges to inject arbitrary JavaScript code by crafting a malicious URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 3.0.0 - 3.3.13
- Range: 3.0.0-3.3.13
Patches
Vulnerability mechanics
References
1- rsjoomla.comnvdProduct
News mentions
0No linked articles in our index yet.