High severityNVD Advisory· Published Jul 18, 2025· Updated Apr 15, 2026
CVE-2025-49486
CVE-2025-49486
Description
A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 for Joomla allows privileged users to store malicious scripts in gallery items.
Affected products
2- Range: >=1.0.0,<=2.4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.