EUVD-2025-18143

CVE-2025-32465 | HIGH 8.5 (CVSS 4.0) | 2025-06-11

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/RE:L/U:Clear

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: A
Scope: N

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 21:09 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 21:09 (euvd), EUVD-2025-18143
CVE Published: Jun 11, 2025 - 20:15 (nvd), HIGH 8.5

Description

A stored XSS vulnerability in RSTickets! component 1.9.12 - 3.3.0 for Joomla was discovered. It allows attackers to perform cross-site scripting (XSS) attacks by sending a crafted payload.

Analysis

RSTickets! component for Joomla versions 1.9.12 through 3.3.0 contains a stored cross-site scripting (XSS) vulnerability that allows authenticated attackers to inject malicious scripts into the application, which are then executed in the browsers of other users who view the affected content. With a CVSS score of 8.5 and requiring low privilege level plus user interaction, this vulnerability poses a significant risk to Joomla installations using vulnerable RSTickets! versions, particularly in multi-user environments where attackers can escalate privileges or steal administrative credentials.

Technical Context

The vulnerability exists in the RSTickets! Joomla component (CPE: cpe:2:a:rsjoomla:rstickets:*), a ticketing system extension. The root cause is improper input validation and output encoding in user-controllable fields (CWE-79: Improper Neutralization of Input During Web Page Generation), allowing attackers to bypass content sanitization filters. The stored nature of the XSS means payloads persist in the application database and execute whenever affected content is rendered, affecting all users who interact with the compromised ticket or message without requiring the attacker to be present during exploitation. The vulnerability affects versions from 1.9.12 through 3.3.0, indicating a regression or long-standing flaw across multiple release cycles.

Affected Products

RSTickets! (1.9.12 through 3.3.0 (inclusive))
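
To triage an installation against this range, the sketch below reads the `<version>` element of a Joomla extension manifest and compares it numerically with 1.9.12 through 3.3.0. It is an added example, not code from the advisory or the vendor; the manifest text is constructed, and the helper names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Affected range as stated in the advisory (inclusive on both ends).
AFFECTED_MIN = (1, 9, 12)
AFFECTED_MAX = (3, 3, 0)

def parse_version(text):
    """Return (major, minor, patch) as ints, padding missing parts with 0.

    Returns None when no leading version number is present.
    """
    m = re.match(r"\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?", text or "")
    if not m:
        return None
    return tuple(int(p) if p else 0 for p in m.groups())

def manifest_version(xml_text):
    """Read <version> from a Joomla extension manifest (local, trusted file)."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    return parse_version(root.findtext("version"))

def is_affected(xml_text):
    """True/False for a readable version, None when it needs manual review."""
    version = manifest_version(xml_text)
    if version is None:
        return None
    # Tuple comparison is numeric per component, so 1.10.0 sorts after 1.9.12
    # (a plain string comparison would get that wrong).
    return AFFECTED_MIN <= version <= AFFECTED_MAX

def make_manifest(version):
    """Constructed sample manifest; the <name> value is illustrative only."""
    return (f'<extension type="component"><name>RSTickets!</name>'
            f'<version>{version}</version></extension>')

if __name__ == "__main__":
    for v in ("1.9.11", "1.9.12", "1.10.0", "3.3", "3.3.1", "unknown"):
        print(v, is_affected(make_manifest(v)))
```

A `None` result means the manifest was unreadable or carried no usable version, so that installation should be checked by hand rather than assumed unaffected.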

Priority Score

43 (KEV: 0, EPSS: +0.1, CVSS: +42, POC: 0)
