Skip to main content

4Analytics CVE-2026-57833

| EUVDEUVD-2026-44601 HIGH
Cross-site Scripting (XSS) (CWE-79)
2026-07-15 Joomla GHSA-8q44-8chq-65hc
8.6
CVSS 4.0 · Vendor: Joomla
Share

Severity by source

Vendor (Joomla) PRIMARY
8.6 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
6.1 MEDIUM

Unauthenticated network injection (PR:N) but stored payload requires a victim to view the AI page (UI:R); XSS crosses into the victim's browser (S:C) yielding low confidentiality/integrity impact, no availability effect.

3.1 AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Primary rating from Vendor (Joomla).

CVSS VectorVendor: Joomla

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
A
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 15, 2026 - 09:45 vuln.today
CVE Published
Jul 15, 2026 - 08:59 cve.org
HIGH 8.6

DescriptionCVE.org

The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS in relation to the AI analysis feature.

AnalysisAI

Stored cross-site scripting in the 4Analytics privacy analytics extension for Joomla (by weeblr.com) lets unauthenticated attackers inject persistent JavaScript that executes when a victim views the AI analysis feature. Because injection requires no authentication (PR:N) but execution requires a victim to open the affected view (UI:A), an attacker can seed malicious script that later runs in a privileged operator's browser session. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify Joomla site running 4Analytics
Delivery
Submit request with JavaScript in analytics field
Exploit
Payload stored by extension
Execution
Admin opens AI analysis view
Persist
Script executes in admin session
Impact
Steal session/tokens or act as admin

Vulnerability AssessmentAI

Exploitation Exploitation requires that the target Joomla site has the 4Analytics extension installed and actively uses its AI analysis feature, since that specific view is where the stored payload is rendered and executed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The supplied CVSS 4.0 score is 8.6 (High) with vector AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H - network-reachable, low complexity, no privileges, but requiring active user interaction, with high impact to the vulnerable system. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated visitor sends crafted requests to a 4Analytics-monitored Joomla site, embedding a JavaScript payload in an analytics-captured field (such as a referrer or event parameter) that is stored by the extension. Later, a site administrator opens the AI analysis feature to review insights, at which point the stored script executes in the admin's authenticated browser session - potentially hijacking the session, exfiltrating cookies/tokens, or performing actions as the administrator. …
Remediation No vendor-released patch identified at time of analysis - the only reference is the product page (https://weeblr.com/joomla-seo/4analytics-private-analytics-for-joomla), not a dedicated advisory or tagged release, so no exact fix version can be cited. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, audit your Joomla installation to identify if 4Analytics is installed and active; if present, immediately disable the extension or restrict access to the analytics interface. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57833 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy