Skip to main content

Chronoforms Extension For Joomla

1 CVEs product

Monthly

CVE-2026-58148 HIGH This Week

Stored cross-site scripting in the ChronoForms extension for Joomla lets unauthenticated attackers persist malicious JavaScript that executes in the browser of anyone who later views the affected page. The flaw carries a CVSS 4.0 base score of 8.7 and requires no authentication (PR:N), though a victim must load the poisoned content (UI:P). There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

XSS Chronoforms Extension For Joomla
NVD
CVSS 4.0
8.7
CVSS 8.7
HIGH This Week

Stored cross-site scripting in the ChronoForms extension for Joomla lets unauthenticated attackers persist malicious JavaScript that executes in the browser of anyone who later views the affected page. The flaw carries a CVSS 4.0 base score of 8.7 and requires no authentication (PR:N), though a victim must load the poisoned content (UI:P). There is no public exploit identified at time of analysis, and the flaw is not listed in CISA KEV.

XSS Chronoforms Extension For Joomla
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy